• info
• discussion
• exploit
• solution
• references

Microsoft Internet Explorer BackToFramedJPU Cross-Domain Policy Vulnerability

Solution:
Microsoft has released a cumulative security update (MS04-004) to address this issue in affected versions of Microsoft Internet Explorer. Users are strongly advised to obtain fixes as soon as possible.


Microsoft Internet Explorer 6.0 SP1

• Microsoft Cumulative Security Update for Internet Explorer 6 Service Pack 1 (KB832894)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=70530968-B59A -47C0-90D3-0C884910BC97&displaylang=en


• Microsoft Cumulative Security Update for Internet Explorer 6 SP1 64-bit Edition (KB832894)
  For Internet Explorer 6 SP 1 running on Windows XP 64-bit platforms.
  http://www.microsoft.com/downloads/details.aspx?FamilyId=326EFFDA-8D86 -4683-BC77-9BF410BC620D&displaylang=en

Microsoft Internet Explorer 5.5 SP2

• Microsoft Cumulative Security Update for Internet Explorer 5.5 Service Pack 2 (KB832894)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=EFFE87F6-7ACA -4A54-B767-5597DDE95C6F&displaylang=en

Microsoft Internet Explorer 6.0

• Microsoft Cumulative Security Update for Internet Explorer 6 (KB832894)
  For Internet Explorer 6 running on Windows XP.
  http://www.microsoft.com/downloads/details.aspx?FamilyId=BE0C18BC-7F9A -4196-BFDE-29EBA8CF7A50&displaylang=en


• Microsoft Cumulative Security Update for Internet Explorer for Windows Server 2003 (KB832894)
  For Internet Explorer 6.0 running on Windows 2003.
  http://www.microsoft.com/downloads/details.aspx?FamilyId=D78AE4F7-8852 -4A04-B8F6-1DE327E598F0&displaylang=en


• Microsoft Cumulative Security Update for Internet Explorer for Windows Server 2003 64-bit Edition (KB832894)
  For Internet Explorer 6 running on Windows 2003 64-bit platforms.
  http://www.microsoft.com/downloads/details.aspx?FamilyId=6A7894F0-789F -4152-9AE4-8DCB43404149&displaylang=en

Microsoft Internet Explorer 5.0.1 SP1

• Microsoft Cumulative Security Update for Internet Explorer 5.01 for Windows 2000 Service Pack 2 (KB832894)
  For Internet Explorer 5.01 running on Windows 2000 Service Pack 2.
  http://www.microsoft.com/downloads/details.aspx?FamilyId=17904608-DCEE -4C99-A780-81D6DBC48DD5&displaylang=en


• Microsoft Cumulative Security Update for Internet Explorer 5.01 for Windows 2000 Service Pack 3 (KB832894)
  For Internet Explorer 5.01 running on Windows 2000 SP 3.
  http://www.microsoft.com/downloads/details.aspx?FamilyId=202D3AAC-6B56 -4F4A-8C0F-4183C77B6B51&displaylang=en


• Microsoft Cumulative Security Update for Internet Explorer 5.01 for Windows 2000 Service Pack 4 (KB832894)
  For Internet Explorer 5.01 running on Windows 2000 SP 4.
  http://www.microsoft.com/downloads/details.aspx?FamilyId=F5E74139-6E0E -49FD-9AA2-36D2D8454A92&displaylang=en

Microsoft Internet Explorer 5.0.1 SP3

• Microsoft Cumulative Security Update for Internet Explorer 5.01 for Windows 2000 Service Pack 2 (KB832894)
  For Internet Explorer 5.01 running on Windows 2000 Service Pack 2.
  http://www.microsoft.com/downloads/details.aspx?FamilyId=17904608-DCEE -4C99-A780-81D6DBC48DD5&displaylang=en


• Microsoft Cumulative Security Update for Internet Explorer 5.01 for Windows 2000 Service Pack 3 (KB832894)
  For Internet Explorer 5.01 running on Windows 2000 SP 3.
  http://www.microsoft.com/downloads/details.aspx?FamilyId=202D3AAC-6B56 -4F4A-8C0F-4183C77B6B51&displaylang=en


• Microsoft Cumulative Security Update for Internet Explorer 5.01 for Windows 2000 Service Pack 4 (KB832894)
  For Internet Explorer 5.01 running on Windows 2000 SP 4.
  http://www.microsoft.com/downloads/details.aspx?FamilyId=F5E74139-6E0E -49FD-9AA2-36D2D8454A92&displaylang=en

Microsoft Internet Explorer 5.0.1

• Microsoft Cumulative Security Update for Internet Explorer 5.01 for Windows 2000 Service Pack 2 (KB832894)
  For Internet Explorer 5.01 running on Windows 2000 Service Pack 2.
  http://www.microsoft.com/downloads/details.aspx?FamilyId=17904608-DCEE -4C99-A780-81D6DBC48DD5&displaylang=en


• Microsoft Cumulative Security Update for Internet Explorer 5.01 for Windows 2000 Service Pack 3 (KB832894)
  For Internet Explorer 5.01 running on Windows 2000 SP 3.
  http://www.microsoft.com/downloads/details.aspx?FamilyId=202D3AAC-6B56 -4F4A-8C0F-4183C77B6B51&displaylang=en


• Microsoft Cumulative Security Update for Internet Explorer 5.01 for Windows 2000 Service Pack 4 (KB832894)
  For Internet Explorer 5.01 running on Windows 2000 SP 4.
  http://www.microsoft.com/downloads/details.aspx?FamilyId=F5E74139-6E0E -49FD-9AA2-36D2D8454A92&displaylang=en

Microsoft Internet Explorer 5.0.1 SP4

• Microsoft Cumulative Security Update for Internet Explorer 5.01 for Windows 2000 Service Pack 2 (KB832894)
  For Internet Explorer 5.01 running on Windows 2000 Service Pack 2.
  http://www.microsoft.com/downloads/details.aspx?FamilyId=17904608-DCEE -4C99-A780-81D6DBC48DD5&displaylang=en


• Microsoft Cumulative Security Update for Internet Explorer 5.01 for Windows 2000 Service Pack 3 (KB832894)
  For Internet Explorer 5.01 running on Windows 2000 SP 3.
  http://www.microsoft.com/downloads/details.aspx?FamilyId=202D3AAC-6B56 -4F4A-8C0F-4183C77B6B51&displaylang=en


• Microsoft Cumulative Security Update for Internet Explorer 5.01 for Windows 2000 Service Pack 4 (KB832894)
  For Internet Explorer 5.01 running on Windows 2000 SP 4.
  http://www.microsoft.com/downloads/details.aspx?FamilyId=F5E74139-6E0E -49FD-9AA2-36D2D8454A92&displaylang=en

Microsoft Internet Explorer 5.0.1 SP2

• Microsoft Cumulative Security Update for Internet Explorer 5.01 for Windows 2000 Service Pack 2 (KB832894)
  For Internet Explorer 5.01 running on Windows 2000 Service Pack 2.
  http://www.microsoft.com/downloads/details.aspx?FamilyId=17904608-DCEE -4C99-A780-81D6DBC48DD5&displaylang=en


• Microsoft Cumulative Security Update for Internet Explorer 5.01 for Windows 2000 Service Pack 3 (KB832894)
  For Internet Explorer 5.01 running on Windows 2000 SP 3.
  http://www.microsoft.com/downloads/details.aspx?FamilyId=202D3AAC-6B56 -4F4A-8C0F-4183C77B6B51&displaylang=en


• Microsoft Cumulative Security Update for Internet Explorer 5.01 for Windows 2000 Service Pack 4 (KB832894)
  For Internet Explorer 5.01 running on Windows 2000 SP 4.
  http://www.microsoft.com/downloads/details.aspx?FamilyId=F5E74139-6E0E -49FD-9AA2-36D2D8454A92&displaylang=en