MS IE 5.01 JSObject Cross-Frame Vulnerability

Georgi Guninski <joro@nat.bg> has set up the following vulnerability demonstration page:
http://www.nat.bg/~joro/jsinject.html

Also, Hiromitsu Takagi <takagi@etl.go.jp> has modified the above demonstration to show that this can be exploited withour relying on scripting of Java applets. It is available at:
http://java-house.etl.go.jp/~takagi/java/test/Guninski-jsinject-modified/


 

Privacy Statement
Copyright 2010, SecurityFocus