6 matches found
Cumulative Security Update for Internet Explorer (956390)
This host is missing critical security update according to Microsoft Bulletin MS08-058. SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
MS08-058: Microsoft Internet Explorer Multiple Vulnerabilities (956390)
The remote host is missing the IE cumulative security update 956390. The remote version of IE is vulnerable to several flaws that could allow an attacker to execute arbitrary code on the remote host. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid34403;...
Cross site scripting
Cross-domain vulnerability in Microsoft Internet Explorer 7 and 8 allows remote attackers to change the location property of a frame via the Object data type, and use a frame from a different domain to observe domain-independent events, as demonstrated by observing onkeydown events with...
Cross site scripting
Cross-domain vulnerability in Microsoft Internet Explorer 6 and 7 allows remote attackers to change the location property of a frame via the String data type, and use a frame from a different domain to observe domain-independent events, as demonstrated by observing onkeydown events with...
CVE-2008-2947
Cross-domain vulnerability in Microsoft Internet Explorer 5.01 SP4, 6, and 7 allows remote attackers to access restricted information from other domains via JavaScript that uses the Object data type for the value of a 1 location or 2 location.href property, related to incorrect determination of t...
CVE-2008-2947
CVE-2008-2947 describes a cross-domain vulnerability in Internet Explorer (IE 5.01 SP4 on Windows 2000 SP4, IE6 SP1 on Windows 2000/XP, IE6/IE7 on various Windows editions, and IE7) where JavaScript can abuse the Window Location object due to incorrect origin determination, leading to remote code...