New Search

IE v5.5 Frames Cross-site Scripting Vulnerability

oval:org.mitre.oval:def:225

Cross-site scripting vulnerability (XSS) in Internet Explorer 5.01 through 6.0 allows remote attackers to read and execute files on the local system via web pages using the <frame> or <iframe> element and javascript aka "Frames Cross Site Scripting" as demonstrated using the PrivacyPolicy.dlg resource.

Family:
windows
Status:
ACCEPTED
Platform(s):
  • Microsoft Windows 2000
Class:
vulnerability
Reference(s):
  • CVE-2002-1187
Product(s):
  • Microsoft Internet Explorer