Microsoft Internet Explorer Vulnerability

Discussion in 'Computer Security' started by imhotep, Jun 28, 2006.

  1. imhotep

    imhotep Guest

    "Microsoft Internet Explorer is prone to an information-disclosure
    vulnerability because it fails to properly enforce cross-domain policies.

    This issue may allow attackers to access arbitrary websites in the context
    of a targeted user's browser session. This may allow attackers to perform
    actions in web applications with the privileges of exploited users or to
    gain access to potentially sensitive information. This may aid attackers in
    further attacks.

    Microsoft Internet Explorer version 6.0 on Windows XP SP2 is vulnerable to
    this issue; other versions may also be affected."

    http://www.securityfocus.com/bid/18682/discuss

    -- Imhotep


    --
    *************************************
    Pass a Net Neutrality Law in the US!!!!

    Save the Internet:
    http://www.savetheinternet.com/

    Its our net:
    http://www.itsournet.org/

    *************************************
     
    imhotep, Jun 28, 2006
    #1
    1. Advertisements

  2. MUAHAHA!

    IE cannot ever enforce cross-domain policies by design! Lie Di Yu has
    pointed that out back in 2004 and nothing has been changed since then.

    <http://www.safecenter.net/crosszone/ie/SaveRef.htm>
     
    Sebastian Gottschalk, Jun 28, 2006
    #2
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.