Lee Dagon

**Name of the Vulnerable Software and Affected Versions** Microsoft Internet Explorer versions 6 through 7 **Description** The issue allows remote attackers to bypass the intended cross-domain security policy and obtain sensitive information via a crafted HTML document. This is due to the improper determination of the domain or security zone of origin of web script. An attacker could exploit this by constructing a specially crafted Web page, potentially leading to information disclosure if a user views the Web page. **Recommendations** For Microsoft Internet Explorer versions 6 through 7, update to a newer version to mitigate the risk. As a temporary workaround, consider restricting access to sensitive information when browsing untrusted websites. Avoid using Internet Explorer to access sensitive data until the issue is resolved.