Oval Definition:oval:org.mitre.oval:def:141
Revision Date:2016-02-19Version:50
Title:Microsoft Internet Explorer MIME Hack
Description:HTML e-mail feature in Internet Explorer 5.5 and earlier allows attackers to execute attachments by setting an unusual MIME type for the attachment, which Internet Explorer does not process correctly.
Family:windowsClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2001-0154
Platform(s):Microsoft Windows 2000
Product(s):Microsoft Internet Explorer
Definition Synopsis
  • Software section
  • Internet Explorer 5.01 Installed
  • Internet Explorer 5.01 Installed
  • OR Internet Explorer 5.01 Installed
  • OR Internet Explorer 5.01 Installed
  • OR Internet Explorer 5.01 Installed
  • OR Internet Explorer 5.01 Installed
  • OR Internet Explorer 5.01 Installed
  • AND File %windir%\system32\shdocvw.dll version is less than 5.0.3214.2000
  • AND NOT the patch q290108 is installed
  • AND NOT Patch Q295106 Installed
  • AND NOT Win2K/XP/2003/Vista/2008 service pack 2 is installed
  • AND Configuration section
  • file downloads are enabled
  • current user settings are being used and file downloads are enabled
  • NOT use machine settings rather than individual user settings
  • AND file downloads are enabled for the local machine
  • AND local machine settings are being used and file downloads are enabled
  • use machine settings rather than individual user settings
  • AND file downloads are enabled for the current user
    • BACK