Wednesday, April 15, 2009

Internet Explorer 6 history.go() Remote Code Execution

There is a vulnerability in the implementation of history.go() function in Internet Explorer 6 exposed via JavaScript. The vulnerability enables the execution of arbitrary code if the user visits a web page controlled by the attacker.

The vulnerability

The vulnerability is in the erroneous implementation of history.go() function when called with a certain argument.


This vulnerability can be used to achieve remote code execution when a victim visits a specially crafted web page.


Due to the spread and the impact of the vulnerability, exploiting details will not be released at this time.