Oval Definition:	oval:org.mitre.oval:def:3851
Revision Date: 2014-05-05 Version: 10 Title: IE AbusiveParent Vulnerability (Windows 2000) Description: The DHTML Edit Control (dhtmled.ocx) allows remote attackers to inject arbitrary web script into other domains by setting a name for a window, opening a child page whose target is the window with the given name, then injecting the script from the parent into the child using execScript, as demonstrated by "AbusiveParent" in Internet Explorer 6.0.2900.2180. Family: windows Class: vulnerability Status: ACCEPTED Reference(s): CVE-2004-1319 Platform(s): Microsoft Windows 2000 Product(s): Microsoft Internet Explorer Definition Synopsis Windows 2000 (sp4 or earlier) is installed Windows 2000 is installed AND NOT Win2K/XP/2003 service pack 5 (or later) is installed AND the version of dhtmled.ocx is less than 6.1.0.9232 AND NOT the patch kb891781 is installed (Hotfix key)
BACK