Gregory R. Panakkal has discovered a weakness in Internet Explorer, which can be exploited by malicious people to detect the presence of local files.
The "sysimage:" URI handler is used for referencing embedded icons in executable files. The problem is that a website in the "Internet" zone can reference the URI handler in an image tag. This can be exploited to determine the presence of local programs using the "onerror" and "onload" events.
The weakness has been confirmed on a fully patched system with Internet Explorer 6.0 and Microsoft Windows XP SP1.
SOFTWARE:
Microsoft Internet Explorer 6
SOLUTION:
The weakness does not affect systems running Windows XP with SP2 installed.
Disable Active Scripting Support.
PROVIDED AND/OR DISCOVERED BY:
Gregory R. Panakkal
http://community.securityteam.us/article.php/20041208104629628