Lucene search
RootSSV:60633HistoryFeb 18, 2013 - 12:00 a.m.
Microsoft Internet Explorer Shift JIS字符信息泄露漏洞(CVE-2013-0015) (ms13-009)
2013-02-1800:00:00
Root
www.seebug.org
22
0.487 Medium
EPSS
Percentile
97.5%
BUGTRAQ ID: 57822
CVE(CAN) ID: CVE-2013-0015
Microsoft Internet Explorer是微软公司推出的一款网页浏览器。
Shift JIS是日本语的字符编码。Internet Explorer 6, 7, 8, 9没有正确执行Shift JIS编码的自动选择,通过构造触发跨域滚动事件的特制网站,远程攻击者可从不同的域或区域读取内容,造成信息泄露。
0
Microsoft Internet Explorer 6 - 9
临时解决方法:
如果您不能立刻安装补丁或者升级,建议您采取以下措施以降低威胁:
-
将互联网和局域网安全区域设置为“高”
-
配置IE,在运行AS前提示,或禁用互联网和局域网安全区域内的AS。
厂商补丁:
Microsoft
Microsoft已经为此发布了一个安全公告(MS13-009)以及相应补丁:
MS13-009:Cumulative Security Update for Internet Explorer (2792100)
链接:http://www.microsoft.com/technet/security/bulletin/MS13-009.asp
Related
cve
cve
CVE-2013-0015
2013-02-13 12:04:11
CVE-2013-3166
2013-07-10 03:46:10
cvelist
cvelist
CVE-2013-0015
2013-02-13 11:00:00
CVE-2013-3166
2013-07-10 01:00:00
nvd
nvd
CVE-2013-0015
2013-02-13 12:04:11
CVE-2013-3166
2013-07-10 03:46:10
symantec
symantec
checkpoint_advisories
checkpoint_advisories
Internet Explorer Shift JIS Character Encoding (MS13-009; CVE-2013-0015)
2013-02-12 00:00:00
prion
prion
Cross site scripting
2013-02-13 12:04:00
Cross site scripting
2013-07-10 03:46:00
threatpost
threatpost
Microsoft Patches Critical IE Vulnerabilities
2013-02-12 19:32:18
openvas
openvas
Microsoft Internet Explorer Multiple Vulnerabilities (2792100)
2013-02-13 00:00:00
Microsoft Internet Explorer Multiple Vulnerabilities (2792100)
2013-02-13 00:00:00
securityvulns
securityvulns
Microsoft Internet Explorer multiple security vulnerabilities
2013-02-14 00:00:00
mskb
mskb
nessus
nessus
MS13-009: Security Update for Internet Explorer (2792100)
2013-02-12 00:00:00