New Search

Post Encoding Information Disclosure Vulnerability

oval:org.mitre.oval:def:7840

Microsoft Internet Explorer 5.01 SP4 6 6 SP1 and 7 does not properly handle unspecified "encoding strings" which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site aka "Post Encoding Information Disclosure Vulnerability."

Family:
windows
Status:
ACCEPTED
Platform(s):
  • Microsoft Windows XP
  • Microsoft Windows Server 2008
  • Microsoft Windows Vista
  • Microsoft Windows Server 2003
  • Microsoft Windows 2000
Class:
vulnerability
Reference(s):
  • CVE-2010-0488
Product(s):
  • Microsoft Internet Explorer 5.01
  • Microsoft Internet Explorer 6
  • Microsoft Internet Explorer 7