Another IE bug or two...

Looks like Microsoft has a few more "flaws" within IE. If these are fixed before the end of the year, that will make it 61 or even 62 security bulletins so far...

SecurityTracker reports a flaw in the "document.open()" function of IE that lets a remote user steal cookies, read local files and spoof web sites...

Vulnerable software: IE 6.0.2600.0000 + Windows 2000 Update Versions: Q312461; Q240308; Q313675

A remote user can create HTML containing scripting that uses the document.open method but not the document.close method. When this code is executed in another user's browser, it can steal cookies, read local files that are parsable by IE (i.e., text/html MIME types), and spoof other web sites.

Example code can be found at the link below. Microsoft have been notified (via secure@microsoft.com on the 19th December 2001), but as yet, no fix has been produced.

News source: Security Tracker

View: IE Document.Open() Advisory from www.osioniusx.com

Also, another vulnerability has been found; this one concerns "Cross-Frame, About Pluggable Protocol, Security Zone Spoofing". By merely appending a percent sign to an about: URL that has been opened in a window, you can access some elements of the previous document's document object model.

Vulnerable: IE 6.0.2600.0000 + Windows 2000 Update Versions: Q312461; IE 5.50.4134.0100 Update Versions: q269368 + Windows ME

Example code can be found at the link below. Microsoft have been notified (via secure@microsoft.com on 11th December 2001), but as yet, no fix has been produced.

View: Vulnerability Notice: IE About:,Security Zone Advisory from www.osionusx.com
