CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
AI Score
Confidence
Low
EPSS
Percentile
70.8%
Microsoft Internet Explorer 8 does not properly handle content settings in HTTP responses, which allows remote web servers to obtain sensitive information from a different (1) domain or (2) zone via a crafted response, aka βMIME Sniffing Information Disclosure Vulnerability.β
Vendor | Product | Version | CPE |
---|---|---|---|
microsoft | internet_explorer | 8 | cpe:2.3:a:microsoft:internet_explorer:8:*:*:*:*:*:*:* |
microsoft | windows_7 | - | cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:* |
microsoft | windows_server_2003 | - | cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:*:*:*:* |
microsoft | windows_server_2008 | - | cpe:2.3:o:microsoft:windows_server_2008:-:-:*:*:*:*:*:* |
microsoft | windows_server_2008 | - | cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:* |
microsoft | windows_server_2008 | r2 | cpe:2.3:o:microsoft:windows_server_2008:r2:*:*:*:*:*:*:* |
microsoft | windows_vista | - | cpe:2.3:o:microsoft:windows_vista:-:sp1:*:*:*:*:*:* |
microsoft | windows_vista | - | cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:* |
microsoft | windows_xp | - | cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:professional:*:x64:* |
microsoft | windows_xp | - | cpe:2.3:o:microsoft:windows_xp:-:sp3:*:*:*:*:*:* |