HTML Element Cross-Domain Vulnerability
Publish Date: 21 luglio 2015
Gravità: : Medio
Identificatori CVE: CVE-2010-0494,MS10-018
Data notifica: 21 luglio 2015
Descrizione
Cross-domain vulnerability in Microsoft Internet Explorer 6, 6 SP1, 7, and 8 allows user-assisted remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via a crafted HTML document in a situation where the client user drags one browser window across another browser window, aka "HTML Element Cross-Domain Vulnerability."
Informazioni esposizione:
Apply associated Trend Micro DPI Rules.
Soluzioni
Trend Micro Deep Security DPI Rule Number: 1004069
Trend Micro Deep Security DPI Rule Name: 1004069 - HTML Element Cross-Domain Vulnerability
Software e versione interessati:
- microsoft ie 6
- microsoft ie 7
- microsoft ie 8
- microsoft ie 8.0.6001
- microsoft windows_2000
- microsoft windows_2003_server
- microsoft windows_7 -
- microsoft windows_server_2003
- microsoft windows_server_2008
- microsoft windows_vista
- microsoft windows_vista -
- microsoft windows_xp
- microsoft windows_xp -