IE 5.01 Cross Frame Navigation
Reported December 22, 1999 by Georgio Guninski
IE 5.01 vulnerabilities in
This allows reading local text and HTML files and
files from any host (suppose reading files of any type is possible), getting cookies (that
is dangerous because may get passwords, CC #s, etc.) and other sensitive information. It
is also possible in some cases to read files behind firewall. This vulnerability may be
exploited using HTML email message or a newsgroup posting.
Examine the code below for more information.
Microsoft is aware of this issue, however their response was unknown at the time of this writing.
Discovered by Georgio Guninski