Microsoft IE DocumentComplete() Cross Frame Access Vulnerability

The DocumentComplete() function in IE does not properly validate origin domains.

Therefore it is possible for a remote webserver to gain read access to local files on the machine of any website visitor or email recipient by accessing the browser object of a frame containing local content. Only files that can be opened by a browser window (eg. *.htm, *.js, *.txt etc) are viewable, and the path and name of the file must be known by the attacker.

Update (May 16, 2001): A new variant of this vulnerability has been discovered. Microsoft has released a new patch to address all known variants of this vulnerability.


Privacy Statement
Copyright 2010, SecurityFocus