exploits , vulnerabilities , articles , Microsoft Internet Explorer Document.Domain Cross-Domain Same Origin Overwriting Vulnerability
| Title |
Microsoft Internet Explorer Document.Domain Cross-Domain Same Origin Overwriting Vulnerability |
| Published |
2007-06-28-12:00AM |
| Updated |
2007-06-29-09:48PM |
| Class |
Origin Validation Error |
| CVE |
|
| Remote |
Yes |
| Local |
No |
| Credit |
Gareth Heyes is credited with the discovery of this vulnerability. |
| Vulnerable |
Microsoft Internet Explorer 6.0 SP2
Microsoft Internet Explorer 6.0 SP1
Microsoft Internet Explorer 6.0
Citrix ICA Client for Windows 4.0 SP6a
Microsoft Windows 2000 Advanced Server SP2
Microsoft Windows 2000 Advanced Server SP2
Microsoft Windows 2000 Advanced Server SP1
Microsoft Windows 2000 Advanced Server SP1
Microsoft Windows 2000 Advanced Server
Microsoft Windows 2000 Advanced Server
Microsoft Windows 2000 Datacenter Server SP2
Microsoft Windows 2000 Datacenter Server SP2
Microsoft Windows 2000 Datacenter Server SP1
Microsoft Windows 2000 Datacenter Server SP1
Microsoft Windows 2000 Datacenter Server
Microsoft Windows 2000 Datacenter Server
Microsoft Windows 2000 Professional SP2
Microsoft Windows 2000 Professional SP2
Microsoft Windows 2000 Professional SP1
Microsoft Windows 2000 Professional SP1
Microsoft Windows 2000 Professional
Microsoft Windows 2000 Professional
Microsoft Windows 2000 Server SP2
Microsoft Windows 2000 Server SP2
Microsoft Windows 2000 Server SP1
Microsoft Windows 2000 Server SP1
Microsoft Windows 2000 Server
Microsoft Windows 2000 Server
Microsoft Windows 2000 Terminal Services SP2
Microsoft Windows 2000 Terminal Services SP2
Microsoft Windows 2000 Terminal Services SP1
Microsoft Windows 2000 Terminal Services SP1
Microsoft Windows 2000 Terminal Services
Microsoft Windows 2000 Terminal Services
Microsoft Windows 98
Microsoft Windows 98
Microsoft Windows 98SE
Microsoft Windows 98SE
Microsoft Windows ME
Microsoft Windows ME
Microsoft Windows NT 4.0 SP6a
Microsoft Windows NT Enterprise Server 4.0 SP6a
Microsoft Windows NT Enterprise Server 4.0 SP6a
Microsoft Windows NT Server 4.0 SP6a
Microsoft Windows NT Server 4.0 SP6a
Microsoft Windows NT Workstation 4.0 SP6a
Microsoft Windows NT Workstation 4.0 SP6a
Microsoft Windows Server 2003 Datacenter Edition
Microsoft Windows Server 2003 Datacenter Edition
Microsoft Windows Server 2003 Datacenter Edition Itanium 0
Microsoft Windows Server 2003 Enterprise Edition
Microsoft Windows Server 2003 Enterprise Edition
Microsoft Windows Server 2003 Enterprise Edition Itanium 0
Microsoft Windows Server 2003 Enterprise Edition Itanium 0
Microsoft Windows Server 2003 Standard Edition
Microsoft Windows Server 2003 Standard Edition
Microsoft Windows Server 2003 Web Edition
Microsoft Windows Server 2003 Web Edition
Microsoft Windows XP Home
Microsoft Windows XP Home
Microsoft Windows XP Professional
Microsoft Windows XP Professional
Microsoft Internet Explorer 7.0 beta3
Microsoft Internet Explorer 7.0 beta2
Microsoft Internet Explorer 7.0 beta1
Microsoft Internet Explorer 7.0
Microsoft Windows Vista Ultimate
Microsoft Windows Vista Ultimate
Microsoft Windows Vista Ultimate
Microsoft Windows Vista Home Premium
Microsoft Windows Vista Home Premium
Microsoft Windows Vista Home Premium
Microsoft Windows Vista Home Basic
Microsoft Windows Vista Home Basic
Microsoft Windows Vista Home Basic
Microsoft Windows Vista Enterprise
Microsoft Windows Vista Enterprise
Microsoft Windows Vista Enterprise
Microsoft Windows Vista Business
Microsoft Windows Vista Business
Microsoft Windows Vista Business
Microsoft Windows Vista 0
Microsoft Windows Vista 0
Microsoft Windows Vista 0
Microsoft Windows Vista 0
|
| Not Vulnerable |
|
| Code |
An attacker can exploit this issue by enticing an unsuspecting user to follow a malicious URI. A proof-of-concept example by Gareth Heyes is availablehttp://www.0x000000.com/hacks/crossdomain/crossdomain.html |
| TXT |
 |
|
Advertising
|
|
Copyright 2007,
SecurityDot
Tue, 02 Dec 2008 10:10:23 +0000
Friends : milw0rm.com , secunia.com , securityfocus.com
GOOGLE
NEWS
EXPLOITS
VULNS
exploits , 0day exploits , newest exploits , vulnerabilities , newest vulnerabilities , 0day vulnerabilities , newest articles , linux articles , articles
1786 Arabia sex mirc 6.3 Free pron t667t www.china- Seix vidao Www.malaya Free pron WWW.SEX.18 free sex v www.rapeph CMS is Fre www.baiduy .89.com news for c www.web918 Mobile sex 12:00+AMup iraniansex product new id cre www.89kom 200 /compo Linux 2.4. ame ricang ghofl shek Kaviyamada l616.com Hot and se beach sex www.fangch Www.metaca all cartoo xxx sexy v Www.metaca ww.xlxx.se joomal ph explor Www.Indian www.indian mambo Remo nayanthara Kaviyamada who is on t271t www.indian 200 /compo Http://Sec lolita
|
