Information disclosure vulnerability in Microsoft Internet Explorer via crafted JavaScript codeDeprecated |
ID: oval:org.secpod.oval:def:3467 | Date: (C)2011-12-17 (M)2021-09-11 |
Class: VULNERABILITY | Family: windows |
The host is installed with Microsoft Internet Explorer 6 or 7 or 8 or 9 and is prone to information disclosure vulnerability. A flaw is present in the application, which does not prevent capture of data about the times of Same Origin Policy violations during IFRAME loading attempts. Successful exploitation allows remote attackers to determine whether a document exists in the browser cache via crafted JavaScript code.
Platform: |
Microsoft Windows 2000 |
Microsoft Windows 7 |
Microsoft Windows Server 2003 |
Microsoft Windows Server 2008 |
Microsoft Windows Vista |
Microsoft Windows XP |
Product: |
Internet Explorer |