Critical:
Less critical
Impact: Security Bypass
Exposure of sensitive information
Where: From remote
Software: Microsoft Internet Explorer 5.01
Microsoft Internet Explorer 5.5
Microsoft Internet Explorer 6
Description:
iDEFENSE has reported a vulnerability in Internet Explorer, which can be exploited by malicious people to bypass certain frame scripting restrictions.
The vulnerability is caused due to an access validation error within the event handling routines. This makes it possible for script code in a frame associated with one domain to interact with certain events like keystrokes typed in a frame associated with a different domain.
Successful exploitation potentially allows capturing sensitive information like user credentials or credit card information typed in a frame associated with another site, if a user is tricked into following a link.
Solution:
Microsoft has reportedly not categorised this as a vulnerability, but will address it in a future service pack.
Microsoft advises users to follow best practises when browsing:
http://www.microsoft.com/security/incident/spoof.asp
http://secunia.com/advisories/10996/

Chowhound
Comic Vine
GameFAQs
GameSpot
Giant Bomb
TechRepublic