Packet Storm - Information Security News, Files, Tools, Exploits, Advisories and Whitepapers http://packetstormsecurity.org/ en-us Sun, 27 May 2012 23:08:02 GMT 144400 http://packetstormsecurity.org/ http://www.google-analytics.com/__utm.gif?utmwv=1.3&utmn=1775390210&utmcs=ISO-8859-1&utmsr=31337x31337&utmsc=32-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=Files%u2248%20Packet%20Storm&utmhn=packetstormsecurity.org&utmr=-&utmp=%2F0210-exploits%2Fgm011-ie.txt%2F&utmac=UA-18885198-1&utmcc=__utma%3D32867617.1775390210.1338160082.1338160082.1338160082.1%3B%2B__utmz%3D32867617.1338160082.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none) http://packetstormsecurity.org/files/29866/gm011-ie.txt http://packetstormsecurity.org/files/29866/gm011-ie.txt http://packetstormsecurity.org/files/29866/gm011-ie.txt.html Thu, 17 Oct 2002 02:24:10 GMT Internet Explorer 5.5 SP2 and Internet Explorer 6 allow the oIFrameElement.Document reference to return a document with no security restrictions, allowing remote attackers to steal cookies from any site, gain access to content in sites (forging content), read local files and execute arbitrary programs on the client's machine. Exploit HTML included which reads the client's google.com cookie. IE6 SP1 is not affected. Four demonstration exploits are available here.