Microsoft Internet Explorer Cross-Domain Information Disclosure Vulnerabilities


Microsoft Internet Explorer 9 and 10 allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site, aka ‘Internet Explorer Cross-domain Information Disclosure Vulnerability.’


The information has been provided by Takeshi Terada .


Vulnerable Systems:
 * Microsoft Internet Explorer 9 and 10

Microsoft Internet Explorer could allow a remote attacker to obtain sensitive information, caused by the failure to properly enforce cross-domain policies. By persuading a victim to visit a specially-crafted Web site, an attacker could exploit this vulnerability to view content from another domain or Internet Explorer zone.

CVE Information:

Disclosure Timeline:
Original release date: 11/11/2014
Last revised: 12/30/2014

Categories: Windows