Oval Definition:	oval:org.mitre.oval:def:3464
Revision Date: 2014-05-05 Version: 8 Title: IE AbusiveParent Vulnerability (32-bit XP) Description: The DHTML Edit Control (dhtmled.ocx) allows remote attackers to inject arbitrary web script into other domains by setting a name for a window, opening a child page whose target is the window with the given name, then injecting the script from the parent into the child using execScript, as demonstrated by "AbusiveParent" in Internet Explorer 6.0.2900.2180. Family: windows Class: vulnerability Status: ACCEPTED Reference(s): CVE-2004-1319 Platform(s): Microsoft Windows XP Product(s): Microsoft Internet Explorer Definition Synopsis Windows XP 32-bit edition is installed with service pack 2 (or earlier) Windows XP is installed AND 32-Bit version of Windows is installed AND Win2K/XP/2003 service pack 2 (or earlier) is installed AND the version of dhtmled.ocx is less than 6.1.0.9232 AND NOT the patch kb891781 is installed (Hotfix key)
BACK