Looks like Microsoft has a few more "flaws" within IE, if this these ones are fixed before the end of the year, that will make it 61 or even 62 security bulletins so far...
SecurityTracker is reporting that a flaw has been reported in the "document.open()" function of IE which lets a remote user steal cookies, read local files and spoof web sites...
Vulnerable software: IE 6.0.2600.0000 + Windows 2000 Update Versions: Q312461; Q240308; Q313675
A remote user can create HTML containing scripting that uses the document.open method but not the document.close method. Then, when this code is executed on another user's browser, the code can steal cookies, read local files that are parsable by IE (i.e., text/html MIME types), and spoof other web sites.
Example code can be found at the link below. Microsoft have been notified (via secure@microsoft.com on the 19th December 2001), but as yet, no fix has been produced.
News source: Security Tracker
View: IE Document.Open() Advisory from www.osioniusx.com
Also, another vunerability has been found, this one concerns "Cross-Frame, About Pluggable Protocol, Security Zone Spoofing". By appending merely a percent sign after an about url which has opened in a window you can access some elements of the previous document's document object model.
Vulnerable: IE 6.0.2600.0000 + Windows 2000 Update Versions: Q312461 IE 5.50.4134.0100 Update Versions: q269368 + Windows ME
Example code can be found at the link below. Microsoft have been notified (via secure@microsoft.com on 11th December 2001), but as yet, no fix has been produced.
View: Vunerability Notice: IE About:,Security Zone Advisory from www.osionusx.com
-1 Comments - Add comment