«

"Microsoft Internet Explorer is prone to an information-disclosure
vulnerability because it fails to properly enforce cross-domain policies.

This issue may allow attackers to access arbitrary websites in the context
of a targeted user's browser session. This may allow attackers to perform
actions in web applications with the privileges of exploited users or to
gain access to potentially sensitive information. This may aid attackers in
further attacks.

Microsoft Internet Explorer version 6.0 on Windows XP SP2 is vulnerable to
this issue; other versions may also be affected."

http://www.securityfocus.com/bid/18682/discuss

-- Imhotep


--
*************************************
Pass a Net Neutrality Law in the US!!!!

Save the Internet:
http://www.savetheinternet.com/

Its our net:
http://www.itsournet.org/

*************************************

imhotep wrote:
> "Microsoft Internet Explorer is prone to an information-disclosure
> vulnerability because it fails to properly enforce cross-domain policies.

MUAHAHA!

IE cannot ever enforce cross-domain policies by design! Lie Di Yu has
pointed that out back in 2004 and nothing has been changed since then.

<http://www.safecenter.net/crosszone/ie/SaveRef.htm>