|
|
CVE Reference: CVE-2008-3473 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2008-3473 |
|
|
Description: Microsoft Internet Explorer 6 and 7 does not properly determine the domain or security zone of origin of web script, which allows remote attackers to bypass the intended cross-domain security policy, and execute arbitrary code or obtain sensitive information, via a crafted HTML document, aka "Event Handling Cross-Domain Vulnerability." |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/45562 http://xforce.iss.net/xforce/xfdb/45565 ST 1021047 OVAL http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:13255 MS http://www.microsoft.com/technet/security/Bulletin/MS08-058.mspx HP http://marc.info/?l=bugtraq&m=122479227205998&w=2 CERT http://www.us-cert.gov/cas/techalerts/TA08-288A.html BID 31616 |
|
| Return to the previous page. |
