Microsoft Internet Explorer 5.5 and 6.0 does not properly verify the domain of a frame within a browser window, which allows remote malicious users to read client files or invoke executable objects via the Object tag, aka "Cross Domain Verification in Object Tag."
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
microsoft internet explorer 5.5 |
||
microsoft internet explorer 6.0 |