Lucene search
K

6 matches found

OpenVAS
OpenVAS
added 2008/10/15 12:0 a.m.23 views

Cumulative Security Update for Internet Explorer (956390)

This host is missing critical security update according to Microsoft Bulletin MS08-058. SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

9.3CVSS7.8AI score0.39864EPSS
Exploits3References7
Tenable Nessus
Tenable Nessus
added 2008/10/15 12:0 a.m.30 views

MS08-058: Microsoft Internet Explorer Multiple Vulnerabilities (956390)

The remote host is missing the IE cumulative security update 956390. The remote version of IE is vulnerable to several flaws that could allow an attacker to execute arbitrary code on the remote host. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid34403;...

9.3CVSS8.5AI score0.39864EPSS
Exploits3References7
Prion
Prion
added 2008/06/30 10:41 p.m.17 views

Cross site scripting

Cross-domain vulnerability in Microsoft Internet Explorer 7 and 8 allows remote attackers to change the location property of a frame via the Object data type, and use a frame from a different domain to observe domain-independent events, as demonstrated by observing onkeydown events with...

6.8CVSS6.6AI score0.25438EPSS
Exploits1References7Affected Software1
Prion
Prion
added 2008/06/30 10:41 p.m.20 views

Cross site scripting

Cross-domain vulnerability in Microsoft Internet Explorer 6 and 7 allows remote attackers to change the location property of a frame via the String data type, and use a frame from a different domain to observe domain-independent events, as demonstrated by observing onkeydown events with...

6.8CVSS6.6AI score0.24744EPSS
Exploits1References5Affected Software1
NVD
NVD
added 2008/06/30 10:41 p.m.32 views

CVE-2008-2947

Cross-domain vulnerability in Microsoft Internet Explorer 5.01 SP4, 6, and 7 allows remote attackers to access restricted information from other domains via JavaScript that uses the Object data type for the value of a 1 location or 2 location.href property, related to incorrect determination of t...

6.8CVSS6AI score0.24744EPSS
Exploits1References14
CVE
CVE
added 2008/06/30 10:0 p.m.66 views

CVE-2008-2947

CVE-2008-2947 describes a cross-domain vulnerability in Internet Explorer (IE 5.01 SP4 on Windows 2000 SP4, IE6 SP1 on Windows 2000/XP, IE6/IE7 on various Windows editions, and IE7) where JavaScript can abuse the Window Location object due to incorrect origin determination, leading to remote code...

6.8CVSS8.4AI score0.24744EPSS
Exploits1References14Affected Software1
Rows per page
Query Builder