|
|
CVE Reference: CVE-2008-3472 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2008-3472 |
|
|
Description: Microsoft Internet Explorer 6 and 7 does not properly determine the domain or security zone of origin of web script, which allows remote attackers to bypass the intended cross-domain security policy, and execute arbitrary code or obtain sensitive information, via a crafted HTML document, aka "HTML Element Cross-Domain Vulnerability." |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/45558 http://xforce.iss.net/xforce/xfdb/45565 ST 1021047 OVAL http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:12364 MS http://www.microsoft.com/technet/security/Bulletin/MS08-058.mspx HP http://marc.info/?l=bugtraq&m=122479227205998&w=2 CERT http://www.us-cert.gov/cas/techalerts/TA08-288A.html BID 31615 31654 |
|
| Return to the previous page. |
