Added: 12/01/2005
CVE: CVE-2005-1790
BID: 13799
OSVDB: 17094
Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems.
Internet Explorer fails to properly initialize the **window()**
function when called from an **onLoad**
event in a **body**
tag. This causes it to call a deferenced memory address, leading to the possibility of command execution.
Apply a Microsoft update when available.
<http://www.securityfocus.com/archive/1/417326>
This exploit requires a user on the target system to follow a link to the exploit using Internet Explorer.
Windows