Improper Cross Domain Security Validation with ShowHelp FunctionalityID: oval:org.mitre.oval:def:57 | Date: (C)2003-11-12 (M)2021-07-27 |
Class: VULNERABILITY | Family: windows |
The showHelp() function in Microsoft Internet Explorer 5.01, 5.5, and 6.0 supports certain types of pluggable protocols that allow remote attackers to bypass the cross-domain security model and execute arbitrary code, aka "Improper Cross Domain Security Validation with ShowHelp functionality."
Platform: |
Microsoft Windows 2000 |
Product: |
Microsoft Internet Explorer |