Internet Explorer executes code in pictures

February 11, 2009 – 5:32 AM

A feature in Internet Explorer, which checked the type of file before presenting it to the user, has been found to allow execution of JavaScript embedded in an image. The MIME sniffing functionality was originally meant to compensate for web servers sending out the wrong content type information when they responded to a request for an image. However it now appears that the feature can be easily confused, and that confusion can be exploited through a crafted image file with embedded HTML and JavaScript code that will be rendered and executed by the browser.

heise Security presents a feature, Risky MIME Sniffing in Internet Explorer, which examines the problem, demonstrates it with examples and explains how users and web site developers can mitigate the risk.


You must be logged in to post a comment.