Cookie access via res:\\ and about:\\ in Microsoft Internet Explorer
news
/
advisories
/
forum
/
software
/
advertising
/
search
/
exploits
[EN]
securityvulns.ru
no-pyccku
Cookie access via res:\\ and about:\\ in Microsoft Internet Explorer
updated since 20.10.2001
Published:
17.04.2002
Source:
BUGTRAQ
SecurityVulns ID:
1521
Type:
client
Level:
6
/10
Description:
It's possible to use about:\\ and res:\\ URl to execute javascript in context of any page and local machine.
Affected:
MICROSOFT
:
Internet Explorer 5.5
MICROSOFT
:
Internet Explorer 6.0
Original document
GreyMagic Software
,
Re: IE allows universal Cross Site Scripting (TL#002)
(
17.04.2002
)
Thor Larholm
,
IE allows universal Cross Site Scripting (TL#002)
(
17.04.2002
)
Marc Slemko
,
the other IE cookie stealing bug (MS01-055)
(
15.11.2001
)
Jouko Pynnonen
,
Microsoft IE cookies readable via about: URLS
(
09.11.2001
)
MICROSOFT
,
Security Bulletin MS01-055
(
09.11.2001
)
Clover Andrew
,
Minor IE vulnerability: about: URLs
(
20.10.2001
)
Discuss:
Read or add your comments to this news (0 comments)
About
|
Terms of use
|
Privacy Policy
©
SecurityVulns
,
3APA3A
, Vladimir Dubrovin
Nizhny Novgorod
Enter your search terms
Web
securityvulns.com
Submit search form
test server
