Trend Micro Security

HTML Element Cross-Domain Vulnerability

2015年7月21日
  危険度: :
  CVE識別番号: CVE-2010-0494,MS10-018

  概要

Cross-domain vulnerability in Microsoft Internet Explorer 6, 6 SP1, 7, and 8 allows user-assisted remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via a crafted HTML document in a situation where the client user drags one browser window across another browser window, aka "HTML Element Cross-Domain Vulnerability."

  トレンドマイクロの対策

Apply associated Trend Micro DPI Rules.

  対応方法

  Trend Micro Deep Security DPI Rule Number: 1004069
  Trend Micro Deep Security DPI Rule Name: 1004069 - HTML Element Cross-Domain Vulnerability

  影響を受けるソフトウェア

  • microsoft ie 6
  • microsoft ie 7
  • microsoft ie 8
  • microsoft ie 8.0.6001
  • microsoft windows_2000
  • microsoft windows_2003_server
  • microsoft windows_7 -
  • microsoft windows_server_2003
  • microsoft windows_server_2008
  • microsoft windows_vista
  • microsoft windows_vista -
  • microsoft windows_xp
  • microsoft windows_xp -