In my comments I wrote that the cssText vulnerability appeared to be patched. After further testing and research I will have to correct myself, as the issue is not patched at all. To sum it up: On February 18, GreyMagic discovered a vulnerability in the cssText property of imported stylesheets. After Microsoft had researched it for 44 days GreyMagic released their advisory on April 2. According to the MS02-023 bulletin released by Microsoft on May 15, this vulnerability should now be patched. However, using a simple HTTP redirect circumvents this new 'protection'. I seem not to be the only one who has discovered this fact. GreyMagic Software have updated their advisory on the cssText vulnerability and bundled a new example that works "post MS02-023", which can be found at http://sec.greymagic.com/adv/gm004-ie/ Regards Thor Larholm Jubii A/S - Internet Programmer
