TUCoPS :: Browsers :: bt606.txt

MSIE patched&undisclosed XSS vuln

MSIE:patched&undisclosed XSS vuln

("that's all" is end of file if you are in a hurry)


OS:Windows XP Professional

Browser: MS Internet Explorer 6.0.2600.0000.xpclient.01087-1148

(without any patch)

(note: it doesn't work on the patched MSIE) 





http://umbrella.mx.tc ==> "AutoScanJPU-MyPage" section


window.external.AutoScan method can navigate other windows to somewhere, 

and it doesn't filter Javascript-protocol url.

that's all.




does anyone here know other vulnz patched silently? 

greetings to:

the Pull, dror, guninski and "Vadim Krochak" - and gean!


best wishes 



make notes easily! 

- http://www.safecenter.net/liudieyu/domex

- http://domex.int.tc


all mentioned resources can be found at http://umbrella.mx.tc

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH