Vulnerabilities

CVE-2008-3473

by Fred · 14/10/2008

Microsoft Internet Explorer 6 and 7 does not properly determine the domain or security zone of origin of web script, which allows remote attackers to bypass the intended cross-domain security policy, and execute arbitrary code or obtain sensitive information, via a crafted HTML document, aka "Event Handling Cross-Domain Vulnerability."

Date published : 2008-10-14

http://www.securityfocus.com/bid/31616

http://www.us-cert.gov/cas/techalerts/TA08-288A.html

Similar

Tags: Cybersecurity Alert