oval:org.mitre.oval:def:349

Definition Id: oval:org.mitre.oval:def:349
 
Oval ID: oval:org.mitre.oval:def:349
Title: IE v6.0,SP1 (Server 2003) ExecCommand Cross Domain Zone Restriction Bypass
Description: Internet Explorer 6 SP1 and earlier allows remote attackers to bypass zone restrictions and execute Javascript by setting the window's "href" to the malicious Javascript, then calling execCommand("Refresh") to refresh the page, aka BodyRefreshLoadsJPU or the "ExecCommand Cross Domain" vulnerability.
Family: windows Class: vulnerability
Reference(s): CVE-2003-0814
Version: 5
Platform(s): Microsoft Windows Server 2003
Product(s): Microsoft Internet Explorer
Definition Synopsis: