eliminates a vulnerability in Internet Explorer which could allow malicious Web site operators to view a file on the computer of a visiting user provided that they knew the name and folder of the file.
When a Web server performs a server-side redirect, the Internet Explorer security model checks the server's permissions on the new page. However, under favorable timing conditions, it is possible for a Web server to create a reference to a client window that the server is permitted to view, then use a server-side redirect to a client local file, and bypass the security restrictions.
The result is that it could be possible for a malicious Web site operator to view files on the computer of a visiting user. The Web site operator would need, however, to know (or guess) the name and location of the file.
Please note that there is a different patch for each of the following versions of Internet Explorer: 4.01, 5.0, and 5.01.
Microsoft Internet Explorer and quot;Server-side Page Reference Redirect and quot; Vulnerability Patch runs on
Windows 95/98/Me/NT/2000/Windows 10/11
and is available under the
Freeware
license
— the installer is 484 KB.
We’ve catalogued it under
Browsers.
✓
Verified clean. Every Microsoft Internet Explorer and quot;Server-side Page Reference Redirect and quot; Vulnerability Patch build on SoftLookup is scanned for viruses, spyware, adware, trojans and backdoors. We re-test on every update.
Help fellow users decide. Share your experience with Microsoft Internet Explorer and quot;Server-side Page Reference Redirect and quot; Vulnerability Patch.