• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Microsoft Internet Explorer XML Object Zone Restriction Bypass Vulnerability

Solution:
Microsoft has released fixes for this issue:


Microsoft Internet Explorer 6.0 SP1

• Microsoft Cumulative Security Update for Internet Explorer 6 Service Pack 1 (KB824145)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=9D8543E9-0E2B -46C9-B6C6-12DE03860465&displaylang=en


• Microsoft Cumulative Security Update for Internet Explorer 6 SP1 64-bit Edition (KB824145)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=35F99CF5-3629 -4E0E-BF60-24845D2D20C9&displaylang=en


• Microsoft Cumulative Security Update for Internet Explorer for Windows Server 2003 (KB824145)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=7D0D02DD-8940 -48E0-B163-3FCDCB558F21&displaylang=en


• Microsoft Cumulative Security Update for Internet Explorer for Windows Server 2003 64-bit Edition (KB824145)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=8BEFA1EC-0C48 -4B65-989D-58B0CE1E6F95&displaylang=en

Microsoft Internet Explorer 5.5 SP2

• Microsoft Cumulative Security Update for Internet Explorer 5.5 Service Pack 2 (KB824145)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=E438AFD4-DF70 -448C-8925-1075C8BE6C5E&displaylang=en

Microsoft Internet Explorer 6.0

• Microsoft Cumulative Security Update for Internet Explorer 6 (KB824145)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=4C4D22F0-FBF7 -4EA6-9CC2-27D104D4198E&displaylang=en

Microsoft Internet Explorer 5.0.1 SP1

• Microsoft Cumulative Security Update for Internet Explorer 5.01 for Windows 2000 Service Pack 2 (KB824145)
  For Internet Explorer 5.01 on Windows 2000 SP2
  http://www.microsoft.com/downloads/details.aspx?FamilyId=221616D4-5893 -4DA4-A223-B0DE548D6D83&displaylang=en


• Microsoft Cumulative Security Update for Internet Explorer 5.01 for Windows 2000 Service Pack 3 (KB824145)
  For Internet Explorer 5.01 on Windows 2000 SP3
  http://www.microsoft.com/downloads/details.aspx?FamilyId=F4853D8F-F66C -4D8A-9979-3B4F540F90A8&displaylang=en


• Microsoft Cumulative Security Update for Internet Explorer 5.01 for Windows 2000 Service Pack 4 (KB824145)
  For Internet Explorer 5.01 on Windows 2000 SP4
  http://www.microsoft.com/downloads/details.aspx?FamilyId=C15E2DB3-14E2 -43A4-A1A1-676374B66517&displaylang=en

Microsoft Internet Explorer 5.0.1 SP3

• Microsoft Cumulative Security Update for Internet Explorer 5.01 for Windows 2000 Service Pack 2 (KB824145)
  For Internet Explorer 5.01 on Windows 2000 SP2
  http://www.microsoft.com/downloads/details.aspx?FamilyId=221616D4-5893 -4DA4-A223-B0DE548D6D83&displaylang=en


• Microsoft Cumulative Security Update for Internet Explorer 5.01 for Windows 2000 Service Pack 3 (KB824145)
  For Internet Explorer 5.01 on Windows 2000 SP3
  http://www.microsoft.com/downloads/details.aspx?FamilyId=F4853D8F-F66C -4D8A-9979-3B4F540F90A8&displaylang=en


• Microsoft Cumulative Security Update for Internet Explorer 5.01 for Windows 2000 Service Pack 4 (KB824145)
  For Internet Explorer 5.01 on Windows 2000 SP4
  http://www.microsoft.com/downloads/details.aspx?FamilyId=C15E2DB3-14E2 -43A4-A1A1-676374B66517&displaylang=en

Microsoft Internet Explorer 5.0.1

• Microsoft Cumulative Security Update for Internet Explorer 5.01 for Windows 2000 Service Pack 2 (KB824145)
  For Internet Explorer 5.01 on Windows 2000 SP2
  http://www.microsoft.com/downloads/details.aspx?FamilyId=221616D4-5893 -4DA4-A223-B0DE548D6D83&displaylang=en


• Microsoft Cumulative Security Update for Internet Explorer 5.01 for Windows 2000 Service Pack 3 (KB824145)
  For Internet Explorer 5.01 on Windows 2000 SP3
  http://www.microsoft.com/downloads/details.aspx?FamilyId=F4853D8F-F66C -4D8A-9979-3B4F540F90A8&displaylang=en


• Microsoft Cumulative Security Update for Internet Explorer 5.01 for Windows 2000 Service Pack 4 (KB824145)
  For Internet Explorer 5.01 on Windows 2000 SP4
  http://www.microsoft.com/downloads/details.aspx?FamilyId=C15E2DB3-14E2 -43A4-A1A1-676374B66517&displaylang=en

Microsoft Internet Explorer 5.0.1 SP2

• Microsoft Cumulative Security Update for Internet Explorer 5.01 for Windows 2000 Service Pack 2 (KB824145)
  For Internet Explorer 5.01 on Windows 2000 SP2
  http://www.microsoft.com/downloads/details.aspx?FamilyId=221616D4-5893 -4DA4-A223-B0DE548D6D83&displaylang=en


• Microsoft Cumulative Security Update for Internet Explorer 5.01 for Windows 2000 Service Pack 3 (KB824145)
  For Internet Explorer 5.01 on Windows 2000 SP3
  http://www.microsoft.com/downloads/details.aspx?FamilyId=F4853D8F-F66C -4D8A-9979-3B4F540F90A8&displaylang=en


• Microsoft Cumulative Security Update for Internet Explorer 5.01 for Windows 2000 Service Pack 4 (KB824145)
  For Internet Explorer 5.01 on Windows 2000 SP4
  http://www.microsoft.com/downloads/details.aspx?FamilyId=C15E2DB3-14E2 -43A4-A1A1-676374B66517&displaylang=en