oval:org.mitre.oval:def:343

Definition Id: oval:org.mitre.oval:def:343
 
Oval ID: oval:org.mitre.oval:def:343
Title: IE v5.5,SP2 ExecCommand Cross Domain Zone Restriction Bypass
Description: Internet Explorer 6 SP1 and earlier allows remote attackers to bypass zone restrictions and execute Javascript by setting the window's "href" to the malicious Javascript, then calling execCommand("Refresh") to refresh the page, aka BodyRefreshLoadsJPU or the "ExecCommand Cross Domain" vulnerability.
Family: windows Class: vulnerability
Reference(s): CVE-2003-0814
Version: 3
Platform(s): Microsoft Windows ME
Microsoft Windows NT
Microsoft Windows 2000
Product(s): Microsoft Internet Explorer
Definition Synopsis: