CVE-2002-1217

Name of the Vulnerable Software and Affected Versions: Internet Explorer versions 5.5 through 6.0

Description: A Cross-Frame scripting issue allows remote attackers to execute arbitrary code, read arbitrary files, or conduct other unauthorized activities via script that accesses the Document property, bypassing <frame> and <iframe> domain restrictions.

Recommendations: For Internet Explorer versions 5.5 through 6.0, consider disabling the WebBrowser control as a temporary workaround until a patch is available. Restrict access to sensitive files and minimize the use of the WebBrowser control to minimize the risk of exploitation.