Internet Explorer 5.01 allows remote attackers to bypass the cross frame security policy via a malicious applet that interacts with the Java JSObject to modify the DOM properties to set the IFRAME to an arbitrary Javascript URL.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Internet_explorer | Microsoft | 5.01 | 5.01 |
Internet_explorer | Microsoft | 5.0 | 5.0 |