[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20030727101328.GB3144@mess.kimihia.org.nz>
Date: Sun, 27 Jul 2003 22:13:28 +1200
From: Stephen Cope <mail@...sense.kimihia.org.nz>
To: bugtraq@...urityfocus.com
Subject: Re: TEXT/PLAIN: ALERT("OUTLOOK EXPRESS")
Denis Jedig wrote:
> Internet Explorer seems to take no offense on Content-Types either -
> text/plain from a web server is happily rendered as HTML, if it contains
> valid tags.
This has been its /modus operandi/ for over four years:
http://support.microsoft.com/default.aspx?scid=kb;en-us;239750
Microsoft Knowledge Base Article - 239750
"Text/Plain" Content-Type Header Field Is Ignored
SYMPTOMS
Internet Explorer may not use the "Text/Plain" Content-Type header
field to properly open a text file on a Web site. For example, if a
text file has an extension commonly associated with an executable
binary file, Internet Explorer may try to run the text file instead
of opening it as text.
...
STATUS
Microsoft has confirmed that this is a problem in the Microsoft
products that are listed at the beginning of this article.
--
Stephen Cope - http://sdc.org.nz/
Powered by blists - more mailing lists