hacking contest

hacking exploits security forum
hacking
compliance articles
upgrade backup exec
information security consultant
Help - Search - Member List - Calendar
Full Version: New Windows Exploit!
GovernmentSecurity.org > The Archives > Exploit Articles
MAL1CE
Oct 20 2003, 03:32 AM
ie-cache-script-injection (12961) Medium Risk

Microsoft Internet Explorer browser cache script injection
Description:


Microsoft Internet Explorer versions 5.0.1, 5.5, and 6.0 could allow a remote attacker to execute script on a victim's computer, caused by a vulnerability when Internet Explorer checks for the existence of local files in the browser's cache. A remote attacker could create a malicious Web page that would allow the attacker to bypass the cross-domain security model. This could allow an attacker to cause the execution of malicious script within the victim's "My Computer" security zone, once the page is visited.


Platforms Affected:
Microsoft Internet Explorer 5.01
Microsoft Internet Explorer 5.5
Microsoft Internet Explorer 6.0
Windows Any version


does anyone have the HTML for this exploit?


raptor
Oct 20 2003, 06:49 AM
how did you learnt about this?
is this really true or you just supposed this ?
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
 
Invision Power Board © 2001-2005 Invision Power Services, Inc.