Oval Definition:	oval:org.mitre.oval:def:1701
Revision Date: 2014-05-05 Version: 10 Title: IE AbusiveParent Vulnerability (64-bit XP) Description: The DHTML Edit Control (dhtmled.ocx) allows remote attackers to inject arbitrary web script into other domains by setting a name for a window, opening a child page whose target is the window with the given name, then injecting the script from the parent into the child using execScript, as demonstrated by "AbusiveParent" in Internet Explorer 6.0.2900.2180. Family: windows Class: vulnerability Status: ACCEPTED Reference(s): CVE-2004-1319 Platform(s): Microsoft Windows XP Product(s): Microsoft Internet Explorer Definition Synopsis Windows XP 64-bit with SP1 (or earlier) installed Windows XP (sp1 or earlier) is installed Windows XP is installed AND NOT Win2K/XP/2003 service pack 2 (or later) is installed AND the version of wdhtmled.ocx is less than 6.1.0.9232 AND NOT the patch kb891781 is installed (Hotfix key)
BACK