Microsoft Internet Explorer Cross Domain Information Disclosure Vulnerabilities


Microsoft Internet Explorer 6 through 11 allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site, aka ‘Internet Explorer Cross-domain Information Disclosure Vulnerability.’


The information has been provided by James Forshaw of Context Information Security.


Vulnerable Systems:
 * Microsoft Internet Explorer 6 through 11

Immune Systems:
 * Microsoft Internet Explorer after 11

Microsoft Internet Explorer is prone to a cross-domain information-disclosure vulnerability. An attacker can exploit this issue to view content from a browser window in another domain or security zone. This may allow the attacker to obtain sensitive information or aid in further attacks.

CVE Information:

Disclosure Timeline:
Original release date: 11/11/2014
Last revised: 12/30/2014

Categories: Windows