Bugtraq mailing list archives
Re: IE5.5 window.externalNavigateAndFind security vulnerability.. ..
From: Clover Andrew <aclover () 1VALUE COM>
Date: Mon, 2 Oct 2000 10:13:56 +0200
Multiple security vulnerabilities found in window.external.NavigateAndFind function in IE5.5...
Verified on IE5.00. Will probably also work on IE4. (Though the on-line exploit for "vulnerability 3" is slightly broken in that it tries to open the relative URL "code.txt" instead of an absolute, local path.)

These are all really the same vulnerability, of course: that javascript: URLs are incorrectly executed in the security context of the previous document. MS patched around previous incarnations of this but seem to have missed NavigateAndFind.

Very poor, but you can't help thinking that javascript: URLs were a stupid idea in the first place.

--
Andrew Clover
Technical Support
1VALUE.com AG