VDB
GCVE-110-CERTCC-2002-244729
GCVE-110-CERTCC-2002-244729
Advisory Published
A vulnerability in the way Microsoft Internet Explorer (IE) handles window ornament parameters in dialog frames allows script from a dialog frame in one domain to execute in a different domain, including the Local Machine Zone. The script could read certain local files and data (i.e. cookies) from other web sites. In the presence of other vulnerabilities (VU#626395, VU#25249), the script could execute arbitrary commands.
Risk Scores
certcc-cam
certcc-cam
impact7population17exploitation0widely_known19score_current16.734375ease_of_exploitation15
Aliases
References
Microsoft Internet Explorer does not adequately validate window ornament parameters in dialog frames
url
Microsoft Internet Explorer does not adequately validate window ornament parameters in dialog frames
url
Microsoft Internet Explorer does not adequately validate window ornament parameters in dialog frames
url
Microsoft Internet Explorer does not adequately validate window ornament parameters in dialog frames
url
Microsoft Internet Explorer does not adequately validate window ornament parameters in dialog frames
url
Microsoft Internet Explorer does not adequately validate window ornament parameters in dialog frames
url
Microsoft Internet Explorer does not adequately validate window ornament parameters in dialog frames
advisory
Microsoft Internet Explorer does not adequately validate window ornament parameters in dialog frames
advisory
Browse GCVE Records
72,580 records in the GCVE database · Updated July 15, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.