Microsoft Internet Explorer 6 and 7 does not properly determine the domain or security zone of origin of web script, which allows remote malicious users to bypass the intended cross-domain security policy, and execute arbitrary code or obtain sensitive information, via a crafted HTML document, aka "HTML Element Cross-Domain Vulnerability."
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
microsoft internet_explorer 5.01 |
||
microsoft internet_explorer 6 |
||
microsoft internet_explorer 7 |