This attack could pose a moderate security threat. It does not require immediate action.
This signature detects any attempts to exploit a cross-domain vulnerability in IE.
There is a cross-domain vulnerability in the way IE determines the security zone of a browser frame that is opened in one domain then redirected by a web server to a different one. A complex set of conditions is involved, including a delayed HTTP response (3xx status code) to change the content of the frame to the new domain.
NOTE: Other programs that host the WebBrowser ActiveX control or use the MSHTML rendering engine, such as Outlook and Outlook Express, may also be affected.
- Microsoft Internet Explorer 6.0 SP1