New Search

Event Handler Cross-Domain Vulnerability

oval:org.mitre.oval:def:11954

Microsoft Internet Explorer 6 7 and 8 does not properly determine the origin of script code which allows remote attackers to execute script in an unintended domain or security zone and obtain sensitive information via unspecified vectors aka "Event Handler Cross-Domain Vulnerability."

Family:
windows
Status:
ACCEPTED
Platform(s):
  • Microsoft Windows Server 2008
  • Microsoft Windows Server 2003
  • Microsoft Windows XP
  • Microsoft Windows Vista
  • Microsoft Windows 7
  • Microsoft Windows Server 2008 R2
Class:
vulnerability
Reference(s):
  • CVE-2010-1258
Product(s):
  • Microsoft Internet Explorer 7
  • Microsoft Internet Explorer 6
  • Microsoft Internet Explorer 8