Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Javascript bug IE 6


  • Please log in to reply
No replies to this topic

#1 KoanYorel

KoanYorel

    Bleepin' Conundrum


  • Members
  • 19,461 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:65 miles due East of the "Logic Free Zone", in Md, USA
  • Local time:12:16 PM

Posted 08 June 2005 - 05:26 PM

Javascript bug IE 6 - Security Flaw

A bug in Internet Explorer 6, in the processing of JavaScript in Internet Explorer 6 has been found. It is probable that previous versions of Internet Explorer 6 SP2 also vulnerable for this security flaw.



# Exploit for all Microsoft Internet Explorer users
# Can be abused by hackers to run harmful JavaScript code and can be abused to mislead existing protection against harmful JavaScript code, like software from Norton, McAfee,
# Can be abused to mislead the search engines Google, MSN, Yahoo, AltaVista,


Vulnerable browsers: Internet Explorer 6, SP2 (on a Windows XP machine) and probably all the previous versions.

UPDATE: this also works on Opera 7.54 running XP SP2 and Opera 8.
NOT vulnerable browsers for this bug: Firefox, Netscape

Solution?
Turn JavaScript off in Internet Explorer until Microsoft releases a Security Patch/Security update.


Found and reported by Pascal Vyncke of "seniorennet.be"

Complete report can be read here
The only easy day was yesterday.

...some do, some don't; some will, some won't (WR)

BC AdBot (Login to Remove)

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users