Intrusion Prevention

MS.IE.Temporary.Internet.Files.Access

Description

This indicates an attempt to gain unauthorized access to a local system files via Microsoft Internet Explorer (IE) cache mechanism.


IE is designed such that files are handled differently when accessed directly than when accessed via cache. In general there are more restrictions on file processing via cache for security purposes. An attacker can cause a malformed compiled HTML help (CHM) file to be downloaded onto a vulnerable machine and learn the physical location of the cached files. Since direct file access is less-restrictive than cache access, an attacker can cause arbitrary code to execute on the target system.

Affected Products

Microsoft Internet Explorer versions 5.x and 6.0

Impact

An attacker can execute arbitrary code on infected systems
Leak of information may assist future attacks

Recommended Actions

Apply appropriate patches or upgrade the system to the latest non-vulnerable version

CVE References

CVE-2001-0002

Other References

1 1