CVE-2008-2947

by Fred · 30/06/2008

Cross-domain vulnerability in Microsoft Internet Explorer 5.01 SP4, 6, and 7 allows remote attackers to access restricted information from other domains via JavaScript that uses the Object data type for the value of a (1) location or (2) location.href property, related to incorrect determination of the origin of web script, aka "Window Location Property Cross-Domain Vulnerability." NOTE: according to Microsoft, CVE-2008-2948 and CVE-2008-2949 are duplicates of this issue, probably different attack vectors.

Date published : 2008-06-30

http://www.securityfocus.com/bid/29960

http://www.us-cert.gov/cas/techalerts/TA08-288A.html

CVE-2008-2947

Related

Recent Posts

Categories

Latest CWE

CVE-2008-2947

Share this:

Related

Recent Posts

Categories

Tags

Latest CWE