| Microsoft Internet Explorer Frame Vulnerability |
|
US-CERT is aware of publicly available proof-of-concept code for a vulnerability that affects Microsoft Internet Explorer 6, 7, and 8 beta 1. This vulnerability is due to improper access restriction to certain components of a document's frames. By convincing a user to view a specially crafted HTML document, an attacker may be able to access non-domain-specific elements from a web page that exists in a different domain. Exploitation of this vulnerability could allow an attacker to capture keystrokes or perform other malicious acts. Read more: US-CERT Current Activity |