Internet Explorer Flaw Abets Attackers
Flaw in IE's WebBrowser control lets attackers steal cookies, forge Web content and run code on users' machines.Security researchers have identified a new vulnerability in Internet Explorer that enables an attacker to steal cookies, forge Web content and run code on users machines. The flaw, which lies in the WebBrowser control, affects IE 5.5 and 6.0. Users who have installed IE Service Pack 1 or are running Windows XP with Service Pack 1 installed are not vulnerable. However, there is currently no patch available, and exploit code for the problem has been posted to at least one security mailing list. The vulnerability stems from how IE handles certain HTML elements, namely "frame" and "iframe." When a specific method for referring to a document uses the iframe element, the document that is returned is the one contained within the frame. As such, there are no security restrictions in place to check whether the document is in a different domain, according to an advisory published by GreyMagic Software, the Israeli security firm that discovered the vulnerability.
"This provides free and full access to the frames Document Object Model, which allows an attacker to steal cookies from any site, gain access to content in sites, read local files and execute arbitrary programs on the clients machine," GreyMagic said in its advisory, published Tuesday.