This vulnerability allows access to restricted information from other domains via an object tag. A data parameter within that tag references a link on the attacker's originating site. That link then responds with a Location HTTP header that points to a target site. The flaw makes the content returned from that target site available through the outerHTML attribute of the object.
On August 8, 2006, Microsoft issued MS06-040, a cumulative patch for Internet Explorer that addresses this vulnerability.
- Vendor Patch Information: MS06-042
- IST CVE #: CVE-2006-3280
- Secunia advisory: 20825
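
A defensive check for the pattern described above, as an added example that is not part of the original advisory: it scans a page's HTML for object tags whose data URL is on the page's own origin and uses recorded HTTP responses to flag those that a Location header redirects to another origin. The function names, record fields and example hosts are assumptions, and all sample data is constructed.

```javascript
// Added example: flag <object data=...> loads that start on the page's own
// origin and are redirected (Location header) to a different origin.
const REDIRECT = new Set([301, 302, 303, 307, 308]);

// Pull the data attribute of every <object> tag (quoted or unquoted value).
function objectDataUrls(html, pageUrl) {
  const re = /<object\b[^>]*?\bdata\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s>]+))/gi;
  const urls = [];
  for (const m of html.matchAll(re)) {
    const raw = m[1] ?? m[2] ?? m[3];
    try { urls.push(new URL(raw, pageUrl)); } catch { /* unparsable, skip */ }
  }
  return urls;
}

// Follow recorded redirects for one URL; returns the final URL reached.
function followRedirects(start, responses, maxHops = 5) {
  let current = start;
  for (let hop = 0; hop < maxHops; hop++) {
    const rec = responses.find((r) => new URL(r.url).href === current.href);
    if (!rec || !REDIRECT.has(rec.status) || !rec.location) break;
    current = new URL(rec.location, current); // Location may be relative
  }
  return current;
}

function findCrossOriginObjectRedirects(pageUrl, html, responses) {
  const pageOrigin = new URL(pageUrl).origin;
  const findings = [];
  for (const data of objectDataUrls(html, pageUrl)) {
    if (data.origin !== pageOrigin) continue; // pattern starts on the page's own site
    const final = followRedirects(data, responses);
    if (final.origin !== pageOrigin) {
      findings.push({ data: data.href, redirectedTo: final.href });
    }
  }
  return findings;
}

// Constructed sample: one page, two object tags, recorded proxy responses.
const samplePage = "http://origin.example/page.html";
const sampleHtml = `<object data="/go?id=1"></object>
<object data='/static/chart.svg' type="image/svg+xml"></object>`;
const sampleResponses = [
  { url: "http://origin.example/go?id=1", status: 302, location: "http://target.example/account" },
  { url: "http://origin.example/static/chart.svg", status: 200, location: null },
];
```

Calling `findCrossOriginObjectRedirects(samplePage, sampleHtml, sampleResponses)` reports only the first object tag, since the second is served directly from the page's own origin.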