Microsoft Internet Explorer Cross-Site Scripting Attack Vulnerability

Last Update Date: 3 Feb 2015 11:53 Release Date: 3 Feb 2015 3336 Views

RISK: High Risk

High Risk

TYPE: Clients - Browsers

TYPE: Browsers

A vulnerability was identified in Microsoft Internet Explorer. A remote user can conduct cross-site scripting attacks.

A remote user can create specially crafted HTML that, when loaded by a target user, will bypass the Microsoft Internet Explorer same origin domain policy and execute arbitrary scripting code. The code will originate from an arbitrary site and will run in the security context of that site. As a result, the code will be able to access the target user's cookies (including authentication cookies), if any, associated with the site, access data recently submitted by the target user via web form to the site, or take actions on the site acting as the target user.

 

NOTE: No solution is currently available.

Impact

  • Cross-Site Scripting

System / Technologies affected

  • Version 11

Solutions

  • No solution is currently available.

Vulnerability Identifier

  • 暫時未有 CVE 參考提供。

Source

Related Link

Share with

Previous

Glibc Buffer Overflow "GHOST" vulnerability

30 Jan 2015 3302 Views

Next

VLC Multimedia Player and Streamer Multiple vulnerabilities

4 Feb 2015 3159 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY