Spyware Doctor
Spyware Doctor with AntiVirus
PC Tools AntiVirus
PC Tools Internet Security
PC Tools Firewall Plus
ThreatFire
Spam Monitor
Registry Mechanic
Desktop Maestro
File Recover
Privacy Guardian
PC Tools Disk Suite
Spyware Doctor Enterprise
Help me choose
Internet Explorer Javascript Redirect Vulnerability
A vulnerability using Javascript Redirect function could allow a malicious web site operator to read files on the computer of a user who visited the site, under certain circumstances.
Issue
Client-local data that is displayed in the browser window can be made available to the server by using a redirect to a Javascript applet running in the same window. This in effect bypasses cross-domain security and makes the data available to the applet, which could then send the data to a hostile server. This could allow a malicious web site operator to read the contents of files on visiting users' computers, if he or she knew the name of the file and the folder in which it resided. The vulnerability would not allow the malicious user to list the contents of folders, create, modify or delete files, or to usurp any administrative control over the machine.
Affected Products
- Microsoft Internet Explorer 4.01 and 5
Download
Patch: http://www.microsoft.com/msdownload/iebuild/jsredir/en/jsredir.htm
Further Details
Source: Microsoft Corporation
Reference: Microsoft Corporation
Updated: November 17, 1999
>> Recommended Download - secure your PC from spyware, adware and malware now with Spyware Doctor <<
