A vulnerability has been reported in Internet Explorer 6.0 that can allow malicious scripting code to be executed in the domain of a different web site. A remote user can accomplish this by creating an HTML page containing a URL for a multimedia file that includes malicious scripting and is loaded with a window.open() function call. IE will load the multimedia file, and the scripting code will be executed in the specified URL's domain.
There was no solution available from Microsoft at this time.
Reported by: Liu Die Yu