New Search

IE Frame Domain Verification Vulnerability

oval:org.mitre.oval:def:974

Internet Explorer 5.5 and 6.0 allows remote attackers to read certain files and spoof the URL in the address bar by using the Document.open function to pass information between two frames from different domains a new variant of the "Frame Domain Verification" vulnerability described in MS:MS01-058/CAN-2001-0874.

Family:
windows
Status:
ACCEPTED
Platform(s):
  • Microsoft Windows XP
  • Microsoft Windows NT
  • Microsoft Windows 2000
  • Microsoft Windows ME
  • Microsoft Windows 98
Class:
vulnerability
Reference(s):
  • CVE-2002-0027
Product(s):
  • Microsoft Internet Explorer