|
|
CVE Reference: CVE-2005-4089 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2005-4089 |
|
|
Description: Microsoft Internet Explorer allows remote attackers to bypass cross-domain security restrictions and obtain sensitive information by using the @import directive to download files from other domains that are not valid Cascading Style Sheets (CSS) files, as demonstrated using Google Desktop, aka "CSSXSS" and "CSS Cross-Domain Information Disclosure Vulnerability." |
|
|
CVE Status: Candidate |
|
|
References: ST 1016291 SAID Secunia Advisory: SA17564 OVAL http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:1556 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:1800 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:1838 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:1914 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:1977 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:1985 MS http://www.microsoft.com/technet/security/bulletin/ms06-021.mspx MISC http://www.hacker.co.il/security/ie/css_import.html BID 15660 |
|
| Return to the previous page. |
