[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

IE v5.5,SP2 ExecCommand Cross Domain Zone Restriction Bypass

ID: oval:org.mitre.oval:def:343Date: (C)2003-11-12   (M)2021-07-27
Class: VULNERABILITYFamily: windows




Internet Explorer 6 SP1 and earlier allows remote attackers to bypass zone restrictions and execute Javascript by setting the window's "href" to the malicious Javascript, then calling execCommand("Refresh") to refresh the page, aka BodyRefreshLoadsJPU or the "ExecCommand Cross Domain" vulnerability.

Platform:
Microsoft Windows ME
Microsoft Windows NT
Microsoft Windows 2000
Product:
Microsoft Internet Explorer
Reference:
CVE-2003-0814
CVE    1
CVE-2003-0814

© SecPod Technologies