HTTP MS IE Sysimage File Detection

Severity: Medium

This attack could pose a moderate security threat. It does not require immediate action.

Description

This signature detects attempts to exploit a file disclosure vulnerability in Internet Explorer.

Additional Information

Microsoft Internet Explorer is reportedly prone to a vulnerability that may allow a remote site to detect files on the local computer.

Internet Explorer reportedly includes a 'sysimage://' protocol handler that displays the icon associated with a specified file path. If a proper file path is supplied, the browser displays the corresponding icon; otherwise, a folder icon is displayed.

A remote attacker can exploit this issue to detect the existence of a file on the local computer of the Web client viewing a malicious page. This could lead to a disclosure of sensitive information to remote attackers.
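
The detection idea behind this signature, sketched as an added example (not Symantec's signature logic and not code from this page): a Python scan of an HTTP response body for references to the 'sysimage://' handler in tag attributes and in script or style content. The sample HTML, its placeholder path, and the whitespace and case normalization are assumptions constructed for illustration.

```python
import re
from html.parser import HTMLParser

SCHEME = "sysimage:"
# Assumption: drop whitespace/control characters and ignore case before matching,
# so trivially obfuscated references are still caught (may over-match).
_STRIP = re.compile(r"[\x00-\x20]+")

def references_sysimage(value):
    """True if a string contains the sysimage: scheme after normalization."""
    return SCHEME in _STRIP.sub("", value or "").lower()

class SysimageFinder(HTMLParser):
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.hits = []        # (line number, location, offending value)
        self._in_raw = False  # inside <script> or <style>

    def handle_starttag(self, tag, attrs):
        self._in_raw = tag in ("script", "style")
        # HTMLParser has already decoded character references in attribute values.
        for name, value in attrs:
            if references_sysimage(value):
                self.hits.append((self.getpos()[0], f"<{tag} {name}>", value))

    def handle_endtag(self, tag):
        self._in_raw = False

    def handle_data(self, data):
        # Visible text that only mentions the scheme is not flagged.
        if self._in_raw and references_sysimage(data):
            self.hits.append((self.getpos()[0], "script/style body", data.strip()))

def scan_body(html_text):
    """Return every sysimage: reference found in an HTML response body."""
    finder = SysimageFinder()
    finder.feed(html_text)
    finder.close()
    return finder.hits

# Constructed sample response body; the path is a placeholder.
SAMPLE = r"""<html><body>
<img src="sysimage://C:\example\placeholder.txt">
<IMG SRC="&#115;ysimage://C:\example\placeholder.txt">
<div style="background:url( SysImage://C:\example\placeholder.txt)"></div>
<p>An article that merely mentions sysimage:// in visible text.</p>
<img src="/images/logo.png">
</body></html>"""

if __name__ == "__main__":
    for line, where, value in scan_body(SAMPLE):
        print(f"line {line}: {where}: {value}")
```
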

Affected

  • Microsoft Internet Explorer 6.0, 6.0 SP1

Response

Currently there are no known patches or workarounds for this vulnerability. It is recommended that users upgrade to the latest version of the application and contact the vendor for more details.
