Internet explorer can reveal the existence of a file based on how it handles file URIs like file://…, by default IE implements Local Machine Zone Lockdown (LMZL) to prevent access to file URIs and alerts the user via error dialogue box irrespective of the existence of the file. Furthermore, IE restricts execution of scripts based on … Continue reading “Internet Explorer Information Disclosure Vulnerability (CVE-2016-3321)”