[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

IE v5.01,SP4 Function Pointer Override Cross Domain Vulnerability

ID: oval:org.mitre.oval:def:353Date: (C)2003-11-12   (M)2021-07-27
Class: VULNERABILITYFamily: windows




Internet Explorer 6 SP1 and earlier allows remote attackers to bypass zone restrictions and read arbitrary files by (1) modifying the createTextRange method and using CreateLink, as demonstrated using LinkillerSaveRef, LinkillerJPU, and Linkiller, or (2) modifying the createRange method and using the FIND dialog to select text, as demonstrated using Findeath, aka the "Function Pointer Override Cross Domain" vulnerability.

Platform:
Microsoft Windows 2000
Product:
Microsoft Internet Explorer
Reference:
CVE-2003-0815
CVE    1
CVE-2003-0815

© SecPod Technologies