oval:org.mitre.oval:def:3464

Definition Id: oval:org.mitre.oval:def:3464

Oval ID:	oval:org.mitre.oval:def:3464
Title:	IE AbusiveParent Vulnerability (32-bit XP)
Description:	The DHTML Edit Control (dhtmled.ocx) allows remote attackers to inject arbitrary web script into other domains by setting a name for a window, opening a child page whose target is the window with the given name, then injecting the script from the parent into the child using execScript, as demonstrated by "AbusiveParent" in Internet Explorer 6.0.2900.2180.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2004-1319	Version:	8
Platform(s):	Microsoft Windows XP	Product(s):	Microsoft Internet Explorer
Definition Synopsis:
Windows XP 32-bit edition is installed with service pack 2 (or earlier) Windows XP is installed AND 32-Bit version of Windows is installed AND Win2K/XP/2003 service pack 2 (or earlier) is installed AND the version of dhtmled.ocx is less than 6.1.0.9232 AND NOT the patch kb891781 is installed (Hotfix key)