Internet Explorer 5.5 and 6.0 allows remote attackers to bypass the cross-domain security model and access information on the local system or in other domains, and possibly execute code, via cached methods and objects, aka “Cross Domain Verification via Cached Methods.”
marc.info/?l=bugtraq&m=103530131201191&w=2
security.greymagic.com/adv/gm012-ie/
www.ciac.org/ciac/bulletins/n-018.shtml
www.iss.net/security_center/static/10435.php
www.iss.net/security_center/static/10436.php
www.iss.net/security_center/static/10437.php
www.iss.net/security_center/static/10438.php
www.iss.net/security_center/static/10439.php
www.securityfocus.com/bid/6028
docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-066
exchange.xforce.ibmcloud.com/vulnerabilities/10432
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A388
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A408