Microsoft Internet Explorer 'Javascript Redirect' Vulnerability patchClient-local data that is displayed in the browserwindow can be made available to the server byusing a redirect to a Javascript applet runningin the same window. This in effect bypassescross-domain se | |
Download |
Microsoft Internet Explorer 'Javascript Redirect' Vulnerability patch Ranking & Summary
Advertisement
Microsoft Internet Explorer 'Javascript Redirect' Vulnerability patch Tags
Microsoft Internet Explorer 'Javascript Redirect' Vulnerability patch Description
Client-local data that is displayed in the browserwindow can be made available to the server byusing a redirect to a Javascript applet runningin the same window. This in effect bypassescross-domain security and makes the data availableto the applet, which could then send the data to ahostile server. This could allow a malicious website operator to read the contents of files onvisiting users' computers, if he or she knew the nameof the file and the folder in which it resided.The vulnerability would not allow the malicioususer to list the contents of folders, create,modify or delete files, or to usurp anyadministrative control over the machine.
Microsoft Internet Explorer 'Javascript Redirect' Vulnerability patch Related Software