Saturday, October 23, 2004

Microsoft Internet Explorer JavaScript Method Assignment Cross-Domain Scripting Vulnerability

A vulnerability exists in Microsoft Internet Explorer that may allow cross-domain/cross-zone scripting.

It is reported that the vulnerability presents itself due to a failure to properly validate trust relationships between method calls that are made in separate Internet Explorer windows. This may make it possible for script code to access properties of a foreign domain or Security Zone.

Exploitation may permit execution of arbitrary code as the victim user.

If you are a IE6 SP2 user then you are safe.

Clicking on the link below will also give you steps to make ur secure from the below venurability.

You can read more on it here


Post a Comment

<< Home