Internet Explorer modal dialog style crossite scripting

[EN] securityvulns.ru
no-pyccku

Internet Explorer modal dialog style crossite scripting
Published: 04.12.2002
Source: BUGTRAQ
SecurityVulns ID: 2457
Type: client
Level: 5/10
Description: By using <IMG width="0" height="0" style="width: expression(alert());"> script may be executed in local zone.

Affected: MICROSOFT : Internet Explorer 5.5
MICROSOFT : Internet Explorer 6.0

Original document Liu Die Yu, Poisonous Style for Dialog window turns the zone off. (04.12.2002)

Discuss: Read or add your comments to this news (0 comments)