Status:

Candidate

Description:

Internet Explorer 6 SP1 and earlier allows remote attackers to bypass zone restrictions and execute Javascript by setting the window's "href" to the malicious Javascript, then calling execCommand("Refresh") to refresh the page, aka BodyRefreshLoadsJPU or the "ExecCommand Cross Domain" vulnerability.

Reference:

Phase:

Assigned (20030918)
CVE IDProtocolSoursePortTargetPort

Other Vulnerabilities:

Year CEV (3053)
Common Vulnerabilities
and Exposures
CAN (20174)
Candidate
1999CVE-1999 (821)CAN-1999 (749 )
2000CVE-2000 (808)CAN-2000 (423 )
2001CVE-2001 (625)CAN-2001 (934 )
2002CVE-2002 (643)CAN-2002 (1566)
2003CVE-2003 (81 )CAN-2003 (1236)
2004CVE-2004 (75 )CAN-2004 (2601)
2005-CAN-2005 (4825)
2006-CAN-2006 (6982)
2007-CAN-2007 (858 )

Our Clients