VULHUB ™

A vulnerability has been reported in Microsoft Internet Explorer that may allow for remote attackers to execute script code in the context of other domains/security Zones. The cause appears to be a lack of access control checks when access to a document object is attempted through a saved reference to it. Exploitation of this vulnerability may allow for theft of cookie information, website impersonation or disclosure of local files. It may also be possible to execute local programs with parameters through this vulnerability. Note that this may also be possible for attackers to do this with other, similar vulnerabilities that permit cross-zone scripting. See References and Exploits sections for details and proof of concept demonstration

A vulnerability has been reported in Microsoft Internet Explorer that may allow for remote attackers to execute script code in the context of other domains/security Zones. The cause appears to be a lack of access control checks when access to a document object is attempted through a saved reference to it. Exploitation of this vulnerability may allow for theft of cookie information, website impersonation or disclosure of local files. It may also be possible to execute local programs with parameters through this vulnerability. Note that this may also be possible for attackers to do this with other, similar vulnerabilities that permit cross-zone scripting. See References and Exploits sections for details and proof of concept demonstration