|
-
June 30th, 2004, 06:36 PM
#1
IE Frame Injection Vulnerability
Secunia Advisory: SA11966
Release Date: 2004-06-30
Moderately critical
Impact: Spoofing
Where: From remote
Software: Microsoft Internet Explorer 5.01
Microsoft Internet Explorer 5.5
Microsoft Internet Explorer 6
Description:
http-equiv has discovered a 6 year old vulnerability in Microsoft Internet Explorer, allowing malicious people to spoof the content of websites.
The problem is that Internet Explorer fails to stop a malicious website from loading arbitrary content in an arbitrary frame in another browser window. An example has been posted, which shows arbitrary content in a frame on windowsupdate.microsoft.com.
Solution:
Do not visit or follow links from untrusted websites.
Use another browser.
Read Security Bulletin
Just another reason people need to get rid of IE. Waht si it now? 3 unpatched vulnerabilities?
Neon Security
It\'s time to put an end to malicious code & black hat hackers - Use a firewall and anti virus!
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote