The Google toolbar 1.1.58 and earlier allows remote web sites to perform unauthorized toolbar operations including script execution and file reading in other zones such as "My Computer" by opening a window to tools.google.com or the res: protocol, then using script to modify the window's location to the toolbar's configuration URL, which bypasses the origin verification check.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2003-03-18T05:00:00
Updated: 2024-08-08T03:26:28.694Z
Reserved: 2003-02-05T00:00:00
Link: CVE-2002-1442
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2003-04-11T04:00:00.000
Modified: 2008-09-05T20:30:36.767
Link: CVE-2002-1442
Redhat
No data.