|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Russ (Russ.Cooper
RC.ON.CA)Date: Thu Feb 21 2002 - 20:17:13 CST
http://www.microsoft.com/technet/security/bulletin/MS02-009.asp
Affects IE 5.01, 5.5, and 6.0 (regardless of platform).
Vulnerability allows VBScript launched in one frame, to access the
contents of other frames (in particular, frames that are consider in a
different domain, e.g. a frame in the Internet Zone can access the
contents of a frame in the My Computer zone). As such, a script could
read local files on a target system.
Microsoft rates this issue as Moderate for Internet/Intranet services,
and Critical for clients.
Cheers,
Russ - NTBugtraq Editor
oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo
Delivery co-sponsored by Qualys - Make Your Network Secure
oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo
Go Beyond PARTIAL Security: FREE White Paper
Stop hassling with half-baked ENTERPRISE SECURITY.
FREE White Paper shows you how to ensure TOTAL security for your Internet
perimeter with the most current and most complete PROACTIVE Vulnerability
Assessment solution. Get your FREE White Paper now. Click here!
https://www.qualys.com/forms/techwhite_86.html
oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]