Lucene search

K

MitreCVELIST:CVE-2009-4074

HistoryNov 25, 2009 - 6:00 p.m.

CVE-2009-4074

2009-11-2518:00:00

mitre

www.cve.org

7.8 High

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

77.0%

The XSS Filter in Microsoft Internet Explorer 8 allows remote attackers to leverage the “response-changing mechanism” to conduct cross-site scripting (XSS) attacks against web sites that have no inherent XSS vulnerabilities, related to the details of output encoding and improper modification of an HTML attribute, aka “XSS Filter Script Handling Vulnerability.”

References

hackademix.net/2009/11/21/ies-xss-filter-creates-xss-vulnerabilities/

www.owasp.org/images/5/50/OWASP-Italy_Day_IV_Maone.pdf

www.securityfocus.com/bid/37135

www.theregister.co.uk/2009/11/20/internet_explorer_security_flaw/

docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-002

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7715

7.8 High

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

77.0%

Related for CVELIST:CVE-2009-4074

openvas4 prion2 cve2 nvd2 cvelist1 securityvulns2 nessus1 mskb1