Microsoft Internet Explorer 6 through 9 does not properly handle unspecified character sequences, which allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site that triggers βinactive filtering,β aka βShift JIS Character Encoding Vulnerability.β