MS.IE.Window.Location.Handling.Cross.Domain.Script.Execution
Description
This indicates an attempt to exploit a cross-domain script execution vulnerability in Internet Explorer.
This vulnerability may allow an attacker to execute JavaScript code on a vulnerable system. This is because an error exists in Internet Explorer when it handles the "location" property of the "window" object. An attacker may steal sensitive information or execute JavaScript code by tricking the victim into viewing a malicious web page that exploits this vulnerability.
Affected Products
Internet Explorer 6
Impact
System Compromise: remote attackers can inject arbitrary web scripts or HTML.
Recommended Actions
Upgrade to Internet Explorer 7, available from the following website:
http://www.microsoft.com/windows/downloads/ie/getitnow.mspx?WT.srch=1
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |