Due buchi in Internet Explorer
Trovati due nuove falle in IE su sistemi WIN XP SP2. Qui di seguito il dettaglio:
Details
* Microsoft Windows XP SP2 has a security feature which warns users when
opening downloaded files of certain types. The problem is that if the downloaded
file was sent with a specially crafted "Content-Location" HTTP header
in some situations, then no security warning will be given to the user when
the file is opened.
* An error when saving some documents using the Javascript function "execCommand()",
can be exploited to spoof the file extension in the "Save HTML Document"
dialog.
Solution:
* Disable Active Scripting support and the "Hide extension for known
file types" option.