Due buchi in Internet Explorer
Trovati due nuove falle in IE su sistemi WIN XP SP2. Qui di seguito il dettaglio:
* Microsoft Windows XP SP2 has a security feature which warns users when
opening downloaded files of certain types. The problem is that if the downloaded
file was sent with a specially crafted "Content-Location" HTTP header
in some situations, then no security warning will be given to the user when
the file is opened.
can be exploited to spoof the file extension in the "Save HTML Document"
* Disable Active Scripting support and the "Hide extension for known
file types" option.