Vulnerability Note VU#598147
Microsoft Internet Explorer does not properly handle document.open()
Microsoft Internet Explorer contains a vulnerability in which a script from one source is permitted to access files on the client's file system. An attacker may be able to read cookies and other files on a target system, and spoof Internet sites by creating believable window titles.
In JScript, the open method is used to access a document or to open a browser window, and the close method is typically used to close the document or window. The open method takes an argument that specifies either the MIME type (text/html only) of the document or a URL to render in a new browser window.
By convincing a user to view a malicious web page or HTML email message, a remote attacker can read cookies and certain types of files on the target host and spoof Internet sites.
Systems Affected (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|Microsoft Corporation||Affected||20 Dec 2001||18 Feb 2003|
CVSS Metrics (Learn More)
This vulnerability was discovered by "the Pull" <firstname.lastname@example.org>.
This document was written by Ian A. Finlay and Art Manion.
- CVE IDs: CVE-2002-0027
- Date Public: 19 Dec 2001
- Date First Published: 21 Dec 2001
- Date Last Updated: 13 May 2003
- Severity Metric: 28.08
- Document Revision: 65
If you have feedback, comments, or additional information about this vulnerability, please send us email.