|
|
CVE Reference: CVE-2008-3474 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2008-3474 |
|
|
Description: Microsoft Internet Explorer 6 and 7 does not properly determine the domain or security zone of origin of web script, which allows remote attackers to bypass the intended cross-domain security policy and obtain sensitive information via a crafted HTML document, aka "Cross-Domain Information Disclosure Vulnerability." |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/45854 http://xforce.iss.net/xforce/xfdb/45565 ST 1021047 OVAL http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:13299 MS http://www.microsoft.com/technet/security/Bulletin/MS08-058.mspx HP http://marc.info/?l=bugtraq&m=122479227205998&w=2 CERT http://www.us-cert.gov/cas/techalerts/TA08-288A.html |
|
| Return to the previous page. |
