Press CTRL-D to bookmark us
Welcome Guest Login / Register / Members
Search in  
Top Submit newsSubscribe
Communication | Computer Crime | Digital Audio, Video, Photo | General News | Hardware | Internet | Mobile | PDA | Security | Software | Vulnerability |
Previous articleBack to news listNext article
 

 Sponsored links

Want to become one of our authors and see your work published on ALLSeek.iNFO ?
 
 Microsoft Internet Explorer Various Cross-Domain Flaws Permit Remote Scripting in Arbitrary Domains
Categorie: Vulnerability
Posted: 2003-09-15 by ReCall
Views: 341
Source: Click here
 		Current Rating: Not rated
Poor Best
 Details
Description: Several cross-domain scripting vulnerabilities were reported in Microsoft Internet Explorer (IE). A remote user can cause arbitrary scripting to be executed in an arbitrary security domain.

Liu Die Yu reported multiple vulnerabilities in IE. A remote user can create HTML that, when loaded by the target user, will cause scripting code to be executed in a different domain (such as the Local Computer domain). The scripting code can access information related to the domain, potentially including cookies, files, and system commands.

Demonstration exploit examples are available at:

http://umbrella.mx.tc/
http://www.safecenter.net/liudieyu/

Impact: A remote user can create HTML that will cause arbitrary scripting code to be executed in an arbitrary security domain on the target user's system when the target user loads the HTML.

Solution: No solution was available at the time of this entry.
 
Syndication
Permalink Email this

The URI to TrackBack this entry is:
http://allseek.info/news/trackback.php?id=428

User comments (post your comments here)

Only registerd members can post comments and articles
 
Previous articleBack to news listNext article
 


InterJOB.su
Bookmark us | Set As Homepage | Advertising | Contact Us | Recomend us | Link us | Links | Terms

SpyLOG Page Rank Checker
LAST QUERIES