|
Multiple bugs in Internet Explorer
updated since 11.09.2003 | | Published: |  | 15.12.2003 | | Source: |  | BUGTRAQ | | SecurityVulns ID: |  | 3110 | | Type: |  | client | | Level: |  | 7/10 | | Description: |  | Crossite scripting via Find dialog, location/refresh, NavigateAndFind, file:javascript:, click to drug-n-drop spoofing, src URL spoofing, BaseRef spoofing, etc. |
| Affected: |  | MICROSOFT : Internet Explorer 5.5 | | | | MICROSOFT : Internet Explorer 6.0 |
| Original document |  | Liu Die Yu, Several Things about IE bugs (15.12.2003) |
| | | Liu Die Yu, MHTML Redirection Leads to Downloading EXE and Executing (26.11.2003) |
| | | Liu Die Yu, HijackClickV2 - a successor of HijackClick attack (26.11.2003) |
| | | Liu Die Yu, Cache Disclosure Leads to MYCOMPUTER Zone and Remote Compromise (26.11.2003) |
| | | Liu Die Yu, BackToFramedJpu - a successor of BackToJpu attack (26.11.2003) |
| | | Liu Die Yu, Note for "Invalid ContentType may disclose cache directory" (26.11.2003) |
| | | Liu Die Yu, Invalid ContentType may disclose cache directory (26.11.2003) |
| | | Liu Die Yu, New "Clean" IE Remote Compromise (26.11.2003) |
| | | Liu Die Yu, IE Remote Compromise by Getting Cache Location (26.11.2003) |
| | | Liu Die Yu, Six Step IE Remote Compromise Cache Attack (10.11.2003) |
| | | Mind Warper, IE 6 XML Patch Bypass (08.10.2003) |
| | | MICROSOFT, Microsoft Security Bulletin MS03-040: Cumulative Patch for Internet Explorer (828750) (04.10.2003) |
| | | Thor Larholm, Liu Die Yu findings verified, details (19.09.2003) |
| | | jelmer, [Full-Disclosure] Internet explorer 6 on windows XP allows exection of arbitrary code (12.09.2003) |
| | | Liu Die Yu, MSIE->NAFfileJPU (11.09.2003) |
| | | Liu Die Yu, MSIE->WsBASEjpu (11.09.2003) |
| | | Liu Die Yu, MSIE->WsBASEjpu (11.09.2003) |
| | | Liu Die Yu, MSIE->LinkillerSaveRef:another caller-based authorization (11.09.2003) |
| | | Liu Die Yu, MSIE->RefBack (11.09.2003) |
| | | Liu Die Yu, MSIE->WsFakeSrc (11.09.2003) |
| | | Liu Die Yu, MSIE->WsOpenFileJPU (11.09.2003) |
| | | Liu Die Yu, MSIE->NAFjpuInHistory (11.09.2003) |
| | | Liu Die Yu, MSIE->LinkillerJPU:another caller-based authorization(is broken). (11.09.2003) |
| | | Liu Die Yu, MSIE->BackMyParent2:Multi-Thread version (11.09.2003) |
| | | Liu Die Yu, MSIE->HijackClick: 1+1=2 (11.09.2003) |
| | | Liu Die Yu, MSIE->BodyRefreshLoadsJPU:refresh is a new navigation method (11.09.2003) |
| | | Liu Die Yu, MSIE->Findeath: break caller-based authorization (11.09.2003) |
|
|
|
|
|
