|
Microsoft Internet Explorer Vulnerability Warning Issued
The flaw focuses on IE's inline frames, often used for serving ads, which typically come from a different domain than content that appears on the same Web page. Microsoft's Internet Explorer 6, 7, and 8 beta 1 appear to contain a security flaw that could subject users who visit a malicious Web site or open a malicious e-mail message to arbitrary code. U.S. CERT has published a vulnerability note indicating Internet Explorer doesn't handle document frames securely.
Document frames can be used to subdivide Web pages such that the content associated with each division comes from a different server or domain. These "iframes," or inline frames, often are used for serving ads, which typically come from a different domain than content that appears on the same Web page. The problem, as U.S. CERT describes it, is that "Microsoft Internet Explorer fails to properly restrict access to a document's frames, which may allow an attacker to modify the contents of frames in a different domain."  Link: Secunia Security Advisory View: Full Article @ InformationWeek Read full story... More... |
| All times are GMT +1. The time now is 02:25 PM. |
Powered by vBulletin® Version 3.6.5
Copyright ©2000 - 2025, Jelsoft Enterprises Ltd.