CVE-2005-4089

by Fred · 08/12/2005

Microsoft Internet Explorer allows remote attackers to bypass cross-domain security restrictions and obtain sensitive information by using the @import directive to download files from other domains that are not valid Cascading Style Sheets (CSS) files, as demonstrated using Google Desktop, aka "CSSXSS" and "CSS Cross-Domain Information Disclosure Vulnerability."

Date published : 2005-12-08

http://www.securityfocus.com/bid/15660

http://www.hacker.co.il/security/ie/css_import.html

CVE-2005-4089

Similar

Recent Posts

Categories

CVE-2005-4089

Share this:

Similar

Recent Posts

Categories

Tags