5 matches found
Microsoft IE多个跨域信息泄露和内存破坏漏洞(MS08-058)
BUGTRAQ ID: 31615,31616,31654,31618 CVECAN ID: CVE-2008-3472,CVE-2008-3473,CVE-2008-3474,CVE-2008-3476 Internet Explorer是Windows操作系统中捆绑的非常流行的WEB浏览器。 Internet Explorer中的多个安全漏洞可能允许恶意攻击者执行跨站脚本攻击,完全入侵用户的系统。 1 处理某些HTML元素或事件时的漏洞可能导致Internet Explorer错误的解释脚本来源,导致以其他域或安全区的环境执行脚本代码,或允许脚本访问另一个域或Internet...
CVE-2008-3474
Microsoft Internet Explorer 6 and 7 does not properly determine the domain or security zone of origin of web script, which allows remote attackers to bypass the intended cross-domain security policy and obtain sensitive information via a crafted HTML document, aka "Cross-Domain Information...
Cumulative Security Update for Internet Explorer (956390)
This host is missing critical security update according to Microsoft Bulletin MS08-058. SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
CVE-2008-3474
CVE-2008-3474 is an information-disclosure vulnerability in Microsoft Internet Explorer 6/7 . IE may fail to correctly determine the origin domain/zone of web scripts, enabling a crafted HTML page to disclose sensitive data across domains. This CVE is addressed within the MS08-058 Cumulative Secu...
MS08-058: Microsoft Internet Explorer Multiple Vulnerabilities (956390)
The remote host is missing the IE cumulative security update 956390. The remote version of IE is vulnerable to several flaws that could allow an attacker to execute arbitrary code on the remote host. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid34403;...