Microsoft Internet Explorer Cross-Domain Obtain Sensitive Information Vulnerabilities

Summary

Microsoft Internet Explorer 8 through 11 allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site, aka ‘Internet Explorer Cross-domain Information Disclosure Vulnerability.’

Credit:

The information has been provided by Takeshi Terada .


Details

Vulnerable Systems:
 * Microsoft Internet Explorer 8 through 11

Microsoft Internet Explorer could allow a remote attacker to obtain sensitive information, caused by the failure to properly enforce cross-domain policies. By persuading a victim to visit a specially-crafted Web site, an attacker could exploit this vulnerability to view content from another domain or Internet Explorer zone.

CVE Information:
CVE-2014-6346

Disclosure Timeline:
Original release date: 11/11/2014
Last revised: 12/30/2014

Categories: Windows