• info
• discussion
• exploit
• solution
• references

Microsoft Internet Explorer CSS Import Cross-Domain Restriction Bypass Vulnerability

Solution:
The vendor has released a security advisory addressing this issue in supported versions. Please see the referenced advisory for further information.


Microsoft Internet Explorer 6.0 SP1

• Microsoft Cumulative Update for Internet Explorer 6 SP1 (KB916281)
  Microsoft Windows 2000 Service Pack 4 or on Microsoft Windows XP Service Pack 1
  http://www.microsoft.com/downloads/details.aspx?familyid=0EB17A41-FB43 -413B-A5CC-41E1F3DEDE4F&displaylang=en


• Microsoft Cumulative Update for Internet Explorer for Windows Server 2003 (KB916281)
  For Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1
  http://www.microsoft.com/downloads/details.aspx?familyid=CCE7C875-C9A4 -4C3D-A37B-946EE5E781E7&displaylang=en


• Microsoft Cumulative Update for Internet Explorer for Windows Server 2003 64-bit Itanium Edition (KB916281) -
  Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
  http://www.microsoft.com/downloads/details.aspx?familyid=C8E4CFB6-1350 -4AAE-B681-EE2ECAB41118&displaylang=en


• Microsoft Cumulative Update for Internet Explorer for Windows Server 2003 x64 Edition (KB916281)
  Microsoft Windows Server 2003 x64 Edition
  http://www.microsoft.com/downloads/details.aspx?familyid=1C7D5C6D-DDCF -485D-A1E3-60E55334FD74&displaylang=en


• Microsoft Cumulative Update for Internet Explorer for Windows XP Service Pack 2 (KB916281)
  For Microsoft Windows XP Service Pack 2
  http://www.microsoft.com/downloads/details.aspx?familyid=85CABE87-C4A0 -4F80-BD1C-210E23FD8D81&displaylang=en


• Microsoft Cumulative Update for Internet Explorer for Windows XP x64 Edition (KB916281)
  Microsoft Windows XP Professional x64 Edition
  http://www.microsoft.com/downloads/details.aspx?familyid=F91791AC-8185 -4346-AA66-89F74D4B5EA7&displaylang=en

Microsoft Internet Explorer 6.0

• Microsoft Cumulative Update for Internet Explorer for Windows Server 2003 (KB916281)
  For Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1
  http://www.microsoft.com/downloads/details.aspx?familyid=CCE7C875-C9A4 -4C3D-A37B-946EE5E781E7&displaylang=en


• Microsoft Cumulative Update for Internet Explorer for Windows Server 2003 64-bit Itanium Edition (KB916281) -
  Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
  http://www.microsoft.com/downloads/details.aspx?familyid=C8E4CFB6-1350 -4AAE-B681-EE2ECAB41118&displaylang=en


• Microsoft Cumulative Update for Internet Explorer for Windows Server 2003 x64 Edition (KB916281)
  Microsoft Windows Server 2003 x64 Edition
  http://www.microsoft.com/downloads/details.aspx?familyid=1C7D5C6D-DDCF -485D-A1E3-60E55334FD74&displaylang=en


• Microsoft Cumulative Update for Internet Explorer for Windows XP Service Pack 2 (KB916281)
  For Microsoft Windows XP Service Pack 2
  http://www.microsoft.com/downloads/details.aspx?familyid=85CABE87-C4A0 -4F80-BD1C-210E23FD8D81&displaylang=en


• Microsoft Cumulative Update for Internet Explorer for Windows XP x64 Edition (KB916281)
  Microsoft Windows XP Professional x64 Edition
  http://www.microsoft.com/downloads/details.aspx?familyid=F91791AC-8185 -4346-AA66-89F74D4B5EA7&displaylang=en

Microsoft Internet Explorer 5.0.1 SP4

• Microsoft Cumulative Update for Internet Explorer 5.01 Service Pack 4 (KB916281)
  Microsoft Windows 2000 Service Pack 4
  http://www.microsoft.com/downloads/details.aspx?familyid=91A997DE-BAE4 -4AC7-912D-79EF8ABAEF4F&displaylang=en