First published: Fri Dec 10 2004(Updated: )
Internet Explorer 5.01 through 6 allows remote attackers to spoof arbitrary web sites by injecting content from one window into another window whose name is known but resides in a different domain, as demonstrated using a pop-up window on a trusted web site, aka the "window injection" vulnerability. NOTE: later research shows that Internet Explorer 7 on Windows XP SP2 is also vulnerable.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Microsoft Ie | =5.2.3 | |
Microsoft Ie | =5.0.1 | |
Microsoft Ie | =6.0-sp1 | |
Microsoft Ie | =5.0.1 | |
Microsoft Ie | =7.0-windows_xp_sp2 | |
Microsoft Ie | =5.0.1 | |
Microsoft Ie | =5.0.1 | |
Microsoft Ie | =6.0-sp2 | |
Microsoft Internet Explorer | =5.5-sp2 | |
Microsoft Internet Explorer | =5.0.1 | |
Microsoft Internet Explorer | =5.0.1-sp2 | |
Microsoft Internet Explorer | =5.0.1-sp3 | |
Microsoft Internet Explorer | =5.0.1-sp4 | |
Microsoft Internet Explorer | =5.0.1-sp1 | |
Microsoft Internet Explorer | =5.5 | |
Microsoft Internet Explorer | =5.5-preview | |
Microsoft Internet Explorer | =5.5-sp1 | |
Microsoft Internet Explorer | =6.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.