IE 5.01 Cross Frame Navigation Reported December 22, 1999 by Georgio Guninski IE 5.01 vulnerabilities in
external.NavigateAndFind()
This allows reading local text and HTML files and
files from any host (suppose reading files of any type is possible), getting cookies (that
is dangerous because may get passwords, CC #s, etc.) and other sensitive information. It
is also possible in some cases to read files behind firewall. This vulnerability may be
exploited using HTML email message or a newsgroup posting.
In this case the code in the "javascript:" URL is executed in the security context of the target frame and the code has access to the document loaded in the target frame.
Examine the code below for more information.
VENDOR RESPONSE
Microsoft is aware of this issue, however their response was unknown at the time of this writing.
Discovered by Georgio Guninski |
More IE5 Cross Frame Nav - 22 Dec 1999
0 comments
Hide comments