Microsoft IE parent.window.open location.cache Script Execution

2004-07-16T02:16:38
ID OSVDB:7963
Type osvdb
Reporter Paul(paul@greyhats.cjb.net)
Modified 2004-07-16T02:16:38

Description

Vulnerability Description

Microsoft Internet Explorer contains a flaw that allows a remote website to specify malicious code to be executed. This flaw exists because the application does not validate the location variant when using the method cache. This could allow a user to create a specially crafted website that would execute arbitrary code in a user's browser within the trust relationship of another parent window possibly leading to a remote compromise.

Solution Description

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Short Description

Microsoft Internet Explorer contains a flaw that allows a remote website to specify malicious code to be executed. This flaw exists because the application does not validate the location variant when using the method cache. This could allow a user to create a specially crafted website that would execute arbitrary code in a user's browser within the trust relationship of another parent window possibly leading to a remote compromise.

References:

Vendor URL: http://www.microsoft.com/ Other Advisory URL: http://freehost07.websamba.com/greyhats/evilchild-menu.htm Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2004-07/0191.html Keyword: EvilChild Generic Exploit URL: http://freehost07.websamba.com/greyhats/evilchild.htm