A flaw in Microsoft Internet Explorer 5.01 and 6 means the Internet browser does not properly identify the originating domain zone. This can be a problem when handling redirects, which in turn allows remote attackers to read cross-domain Web pages. It might also allow attackers to execute code via a specially crafted web page.
- US-CERT Technical Alert: TA06-220A
- US-CERT Vulnerability Note: VU#252764
- Microsoft Patch: MS06-042
- FRSIRT: ADV-2006-3212
- SECUNIA: 21396