Core Security specialist Jorge Luis Alvarez Medina has announced plans to demonstrate vulnerabilities in Internet Explorer at the upcoming Black Hat security conference.

"The problem is reportedly not new and is based on the failure of Internet Explorer's security zone settings to bite when a path is entered in UNC (Uniform Naming Convention) format in the browser (e.g. \127.0.0.1pfaddateiname)," according to The H Security. "This means that under specific conditions JavaScript from the Internet Zone can access local files, despite the fact that the zone model is intended to prevent this."

"Medina is to publish details of the vulnerability at the Black Hat conference on the 3rd of February," the article states.

Click here to read the article at The H Security.