vendor:
Internet Explorer
by:
Unknown
7.5
CVSS
HIGH
Cross-Domain Information Disclosure
Unknown
CWE
Product Name: Internet Explorer
Affected Version From: Internet Explorer 6
Affected Version To: Internet Explorer 8
Patch Exists: NO
Related CWE: Unknown
CPE: Unknown
Platforms Tested:
Unknown
Cross-Domain Information Disclosure Vulnerability in Microsoft Internet Explorer
Microsoft Internet Explorer is prone to a cross-domain information-disclosure vulnerability because the application fails to enforce the same-origin policy. An attacker can exploit this issue by enticing an unsuspecting user into viewing a page containing malicious content. Successful exploits will allow attackers to bypass the same-origin policy and obtain potentially sensitive information; other attacks are possible.
Mitigation:
Unknown