New Search

IE v5.5SP2 Similar Method Name Redirection Cross Domain Vulnerability

oval:org.mitre.oval:def:7448

Microsoft Internet Explorer 6.0.2800.1106 on Microsoft Windows XP SP2 and other versions including 5.01 and 5.5 allows remote web servers to bypass zone restrictions and execute arbitrary code in the local computer zone by redirecting a function to another function with the same name as demonstrated by SimilarMethodNameRedir aka the "Similar Method Name Redirection Cross Domain Vulnerability."

Family:
windows
Status:
ACCEPTED
Platform(s):
  • Microsoft Windows 98
  • Microsoft Windows NT
  • Microsoft Windows 2000
  • Microsoft Windows XP
  • Microsoft Windows Server 2003
Class:
vulnerability
Reference(s):
  • CVE-2004-0727
Product(s):
  • Microsoft Internet Explorer