Intrusion Prevention

MS.IE.Cached.Object.Zone.Bypass

Description

This indicates a possible attempt to exploit a Cross Domain Verification vulnerability in Internet Explorer 5.5 and 6.0.
The vulnerability allows remote attackers to bypass the cross-domain security model and access information on the local system or in other domains, and possibly execute code.

Affected Products

Microsoft Internet Explorer 6.0 SP1 and earlier versions.

Impact

Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.

Recommended Actions

Apply the IE cumulative patch from MS02-066.
http://technet.microsoft.com/en-us/security/bulletin/ms02-066

CVE References

CVE-2002-1186