Executive Summary
Summary | |
---|---|
Title | Microsoft Internet Explorer fails to properly restrict access to frames |
Informations | |||
---|---|---|---|
Name | VU#516627 | First vendor Publication | 2008-06-27 |
Vendor | VU-CERT | Last vendor Modification | 2008-07-15 |
Severity (Vendor) | N/A | Revision | M |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 6.8 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Vulnerability Note VU#516627Microsoft Internet Explorer fails to properly restrict access to framesOverviewMicrosoft Internet Explorer fails to properly restrict access to a document's frames, which may allow an attacker to modify the contents of frames in a different domain.I. DescriptionFrames in HTML documents are subdivisions of the current window. The most common use of frames in web pages is the IFRAME, or inline frame. IFRAMEs can be used to display content from a different domain within the physical representation of the current web page. A common example of the use of an IFRAME in a web page is to display a banner advertisement from a third party.Microsoft Internet Explorer fails to properly restrict access to a document's frames. This can allow an attacker to replace the contents of a web page's frame with arbitrary content. Internet Explorer still appears to enforce the cross-domain security model, which limits the actions that a malicious frame can take with the parent document. For example, a frame that exists in a different domain should not be able to access the parent document's cookies or HTML content, or other domain-specific DOM components. However, components that are not tied to a specific domain, such as the onmousedown event can be accessed. By monitoring this particular event, an IFRAME can capture keystrokes from the parent document. Other actions may be possible. Limited testing has shown that Internet Explorer 6, 7, and 8 beta 1 are vulnerable. Proof-of-concept code for this vulnerability is publicly available.
References
This vulnerability was publicly disclosed by Eduardo Vela. This document was written by Will Dormann.
|
Original Source
Url : http://www.kb.cert.org/vuls/id/516627 |
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 3 |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
46631 | Microsoft IE Frame Location Handling Cross-frame Content Manipulation |