PT-2000-1248 · Microsoft+1 · Internet Explorer+1

Published

2000-04-18

Updated

2021-07-23

CVE-2000-0266

CVSS v2.0

2.6

Low

Vector

AV:N/AC:H/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions Internet Explorer version 5.01

Description The issue allows remote attackers to bypass the cross frame security policy. This is achieved through a malicious applet that interacts with the Java JSObject to modify the DOM properties, setting the IFRAME to an arbitrary Javascript URL.

Recommendations For Internet Explorer version 5.01, consider disabling the use of Java applets or restricting interactions with the Java JSObject to minimize the risk of exploitation.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2000-0266

Affected Products

Internet Explorer

Java

PT-2000-1248 · Microsoft+1 · Internet Explorer+1

CVE-2000-0266

Related Identifiers

Affected Products

References · 3