Strike ID:
E12-30a01
CVSS:
4.3 (AV:N/AC:M/Au:N/C:P/I:N/A:N)
False Positive:
t
Variants:
21
Year:
2012

Description

This strike exploits an information disclosure vulnerability in Internet Explorer. The vulnerability is due to a lack of permission enforcement on content sourced from outside the current domain. By specially crafting a web page, an attacker could exploit this vulnerability to access content outside any current domain, or Internet Explorer Zone, security settings.

CVE

MSB

BID

OSVDB

79265