Alert: Release of MS02-009 Security Bulletin - Cross-domain VBScripting

From: Russ (Russ.Cooper@RC.ON.CA)
Date: 02/22/02


Date:         Thu, 21 Feb 2002 21:17:13 -0500
From: Russ <Russ.Cooper@RC.ON.CA>
To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM

http://www.microsoft.com/technet/security/bulletin/MS02-009.asp

Affects IE 5.01, 5.5, and 6.0 (regardless of platform).

Vulnerability allows VBScript launched in one frame to access the
contents of other frames (in particular, frames that are considered in a
different domain, e.g. a frame in the Internet Zone can access the
contents of a frame in the My Computer zone). As such, a script could
read local files on a target system.

Microsoft rates this issue as Moderate for Internet/Intranet services,
and Critical for clients.

Cheers,
Russ - NTBugtraq Editor



