[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

IE v5.01,SP2 ExecCommand Cross Domain Zone Restriction Bypass

ID: oval:org.mitre.oval:def:335Date: (C)2003-11-12   (M)2021-07-27
Class: VULNERABILITYFamily: windows




Internet Explorer 6 SP1 and earlier allows remote attackers to bypass zone restrictions and execute Javascript by setting the window's "href" to the malicious Javascript, then calling execCommand("Refresh") to refresh the page, aka BodyRefreshLoadsJPU or the "ExecCommand Cross Domain" vulnerability.

Platform:
Microsoft Windows 2000
Product:
Microsoft Internet Explorer
Reference:
CVE-2003-0814
CVE    1
CVE-2003-0814

© SecPod Technologies