Strawberry Recall Best Plant-Based Bacon Unplug Energy Vampires Apple Watch 9 Rumors ChatGPT Passes Bar Exam Your Tax Refund Cheap Plane Tickets Sleep and Heart Health
Want CNET to notify you of price drops and the latest stories?
No, thank you
Accept

Cross-domain vulnerability in Microsoft Internet Explorer 6

This flaw could allow remote attackers access to information on other domains

This vulnerability restricts information from other domains via an object tag. A data parameter within that tag references a link on the attacker's originating site. The link on the attacker's originating site then specifies a Location HTTP header on a target site. The flaw makes that potentially malicious content available through the outerHTML attribute of the object.

On August 8, 2006, Microsoft issued MS06-040, a cumulative patch for Internet Explorer, that addresses this vulnerability.

Additional Resources: