Lucene search
HistoryDec 07, 2011 - 7:55 p.m.
CVE-2010-5071
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
AI Score
6
Confidence
High
EPSS
0.004
Percentile
73.2%
The JavaScript implementation in Microsoft Internet Explorer 8.0 and earlier does not properly restrict the set of values contained in the object returned by the getComputedStyle method, which allows remote attackers to obtain sensitive information about visited web pages by calling this method.
Affected configurations
Node
microsoftieMatch7.0.6000.16711
ORmicrosoftieMatch8.0.7600.16385
ORmicrosoftieMatch8.0b
ORmicrosoftinternet_explorerRange≤8
ORmicrosoftinternet_explorerMatch3.0
ORmicrosoftinternet_explorerMatch3.0.1
ORmicrosoftinternet_explorerMatch3.0.2
ORmicrosoftinternet_explorerMatch3.1
ORmicrosoftinternet_explorerMatch3.2
ORmicrosoftinternet_explorerMatch4.0
ORmicrosoftinternet_explorerMatch4.0.1
ORmicrosoftinternet_explorerMatch4.0.1sp1
ORmicrosoftinternet_explorerMatch4.0.1sp2
ORmicrosoftinternet_explorerMatch4.01
ORmicrosoftinternet_explorerMatch4.1
ORmicrosoftinternet_explorerMatch4.01sp1
ORmicrosoftinternet_explorerMatch4.5
ORmicrosoftinternet_explorerMatch4.40.308
ORmicrosoftinternet_explorerMatch4.40.520
ORmicrosoftinternet_explorerMatch4.70.1155
ORmicrosoftinternet_explorerMatch4.70.1158
ORmicrosoftinternet_explorerMatch4.70.1215
ORmicrosoftinternet_explorerMatch4.70.1300
ORmicrosoftinternet_explorerMatch4.71.544
ORmicrosoftinternet_explorerMatch4.71.1008.3
ORmicrosoftinternet_explorerMatch4.71.1712.6
ORmicrosoftinternet_explorerMatch4.72.2106.8
ORmicrosoftinternet_explorerMatch4.72.3110.8
ORmicrosoftinternet_explorerMatch4.72.3612.1713
ORmicrosoftinternet_explorerMatch5
ORmicrosoftinternet_explorerMatch5.0
ORmicrosoftinternet_explorerMatch5.0.1
ORmicrosoftinternet_explorerMatch5.0.1sp1
ORmicrosoftinternet_explorerMatch5.0.1sp2
ORmicrosoftinternet_explorerMatch5.0.1sp3
ORmicrosoftinternet_explorerMatch5.0.1sp4
ORmicrosoftinternet_explorerMatch5.00.0518.10
ORmicrosoftinternet_explorerMatch5.00.0910.1309
ORmicrosoftinternet_explorerMatch5.00.2014.0216
ORmicrosoftinternet_explorerMatch5.00.2314.1003
ORmicrosoftinternet_explorerMatch5.00.2516.1900
ORmicrosoftinternet_explorerMatch5.00.2614.3500
ORmicrosoftinternet_explorerMatch5.00.2919.800
ORmicrosoftinternet_explorerMatch5.00.2919.3800
ORmicrosoftinternet_explorerMatch5.00.2919.6307
ORmicrosoftinternet_explorerMatch5.00.2920.0000
ORmicrosoftinternet_explorerMatch5.00.3103.1000
ORmicrosoftinternet_explorerMatch5.00.3105.0106
ORmicrosoftinternet_explorerMatch5.00.3314.2101
ORmicrosoftinternet_explorerMatch5.00.3315.1000
ORmicrosoftinternet_explorerMatch5.00.3502.1000
ORmicrosoftinternet_explorerMatch5.00.3700.1000
ORmicrosoftinternet_explorerMatch5.01
ORmicrosoftinternet_explorerMatch5.1
ORmicrosoftinternet_explorerMatch5.01sp1
ORmicrosoftinternet_explorerMatch5.01sp2
ORmicrosoftinternet_explorerMatch5.01sp3
ORmicrosoftinternet_explorerMatch5.01sp4
ORmicrosoftinternet_explorerMatch5.2.3
ORmicrosoftinternet_explorerMatch5.5
ORmicrosoftinternet_explorerMatch5.5preview
ORmicrosoftinternet_explorerMatch5.5sp1
ORmicrosoftinternet_explorerMatch5.5sp2
ORmicrosoftinternet_explorerMatch5.50.3825.1300
ORmicrosoftinternet_explorerMatch5.50.4030.2400
ORmicrosoftinternet_explorerMatch5.50.4134.0100
ORmicrosoftinternet_explorerMatch5.50.4134.0600
ORmicrosoftinternet_explorerMatch5.50.4308.2900
ORmicrosoftinternet_explorerMatch5.50.4522.1800
ORmicrosoftinternet_explorerMatch5.50.4807.2300
ORmicrosoftinternet_explorerMatch6
ORmicrosoftinternet_explorerMatch6sp1
ORmicrosoftinternet_explorerMatch6.0
ORmicrosoftinternet_explorerMatch6.00.2462.0000
ORmicrosoftinternet_explorerMatch6.00.2479.0006
ORmicrosoftinternet_explorerMatch6.0.2600
ORmicrosoftinternet_explorerMatch6.00.2600.0000
ORmicrosoftinternet_explorerMatch6.0.2800
ORmicrosoftinternet_explorerMatch6.0.2800.1106
ORmicrosoftinternet_explorerMatch6.00.2800.1106
ORmicrosoftinternet_explorerMatch6.0.2900
ORmicrosoftinternet_explorerMatch6.0.2900.2180
ORmicrosoftinternet_explorerMatch6.00.2900.2180
ORmicrosoftinternet_explorerMatch6.00.3663.0000
ORmicrosoftinternet_explorerMatch6.00.3718.0000
ORmicrosoftinternet_explorerMatch6.00.3790.0000
ORmicrosoftinternet_explorerMatch6.00.3790.1830
ORmicrosoftinternet_explorerMatch6.00.3790.3959
ORmicrosoftinternet_explorerMatch7
ORmicrosoftinternet_explorerMatch7.0
ORmicrosoftinternet_explorerMatch7.0beta
ORmicrosoftinternet_explorerMatch7.0beta1
ORmicrosoftinternet_explorerMatch7.0beta2
ORmicrosoftinternet_explorerMatch7.0beta3
ORmicrosoftinternet_explorerMatch7.0.5730unknowngold
ORmicrosoftinternet_explorerMatch7.0.5730.11
ORmicrosoftinternet_explorerMatch7.00.5730.1100
ORmicrosoftinternet_explorerMatch7.00.6000.16386
ORmicrosoftinternet_explorerMatch7.00.6000.16441
ORmicrosoftinternet_explorerMatch8.0.6001
ORmicrosoftinternet_explorerMatch8.0.6001beta
| Vendor | Product | Version | CPE |
|---|---|---|---|
| microsoft | ie | 7.0.6000.16711 | cpe:2.3:a:microsoft:ie:7.0.6000.16711:*:*:*:*:*:*:* |
| microsoft | ie | 8.0.7600.16385 | cpe:2.3:a:microsoft:ie:8.0.7600.16385:*:*:*:*:*:*:* |
| microsoft | ie | 8.0b | cpe:2.3:a:microsoft:ie:8.0b:*:*:*:*:*:*:* |
| microsoft | internet_explorer | * | cpe:2.3:a:microsoft:internet_explorer:*:*:*:*:*:*:*:* |
| microsoft | internet_explorer | 3.0 | cpe:2.3:a:microsoft:internet_explorer:3.0:*:*:*:*:*:*:* |
| microsoft | internet_explorer | 3.0.1 | cpe:2.3:a:microsoft:internet_explorer:3.0.1:*:*:*:*:*:*:* |
| microsoft | internet_explorer | 3.0.2 | cpe:2.3:a:microsoft:internet_explorer:3.0.2:*:*:*:*:*:*:* |
| microsoft | internet_explorer | 3.1 | cpe:2.3:a:microsoft:internet_explorer:3.1:*:*:*:*:*:*:* |
| microsoft | internet_explorer | 3.2 | cpe:2.3:a:microsoft:internet_explorer:3.2:*:*:*:*:*:*:* |
| microsoft | internet_explorer | 4.0 | cpe:2.3:a:microsoft:internet_explorer:4.0:*:*:*:*:*:*:* |
References
Related
prion
prion
Security feature bypass
2011-12-07 19:55:00
cvelist
cvelist
CVE-2010-5071
2011-12-07 19:00:00
cve
cve
CVE-2010-5071
2011-12-07 19:55:01
openvas
openvas
Microsoft Internet Explorer Multiple Information Disclosure Vulnerabilities
2011-12-09 00:00:00
Microsoft Internet Explorer Multiple Information Disclosure Vulnerabilities
2011-12-09 00:00:00
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
AI Score
6
Confidence
High
EPSS
0.004
Percentile
73.2%
Related for NVD:CVE-2010-5071