Re: File extensions spoofable in MSIE download dialog

["'StatiC'" <static () tampabay rr com>]

It appears only IE5.5 has this problem.  I just tested with IE5.0 sp2 and IE6 and both of those version prompt and wait 
for user intervention for readme.txt and then wait a second time while prompting to ask to open/saveas calc.exe.

IE5.5 will prompt the user for the initial readme.txt but the next open dialog that appears for the .exe goes through 
immediately without user intervention and executes.

I have tested 2 seperate IE5.5 systems(one was a new install with default IE5.5 sp2 settings) and they both execute the 
calc.exe file without giving the user a choice after the initial readme.txt dialog.

StatiC

On Thu, Nov 29, 2001 at 07:03:21PM +0100, chef wrote:
>   -----Ursprüngliche Nachricht-----
> > Von: StatiC [mailto:static () tampabay rr com] 
> > Gesendet: Donnerstag, 29. November 2001 03:52
> >
> > I was playing with apache configs a few months ago and 
> > noticed a similar issue with IE5.5.  The procodure below will 
> > cause IE5.5 to display the open dialog for readme.txt but 
> > once opened, it executes immediately on IE5.5 sp2 with no 
> > hint that it is really getting an executable file called 
> > calc.exe.  I only tested it with IE5.5.
>
> I testet it right now, with IE6; Q312461 / WinXP and i think
> there is no problem at all.
>
> First a question for text.txt pops up and when i say "open"
> a second message with question for save / open pops up.
> This second popup tells the right name "calc.exe" .
> Finally when i say "open" it opens the calculator.
>
> For testing: http://www.geilerserver.de/text.txt
>
> > Why does microsoft think it is wise to trust the filename in 
> > the url over what the header content-type is set to for 
> > display purposes since the content-type seems to take 
> > priority for what will really happen with the file.
>
> I think that's only a Problem of older Versions.
>
> ^cUbE^