Anfälligkeitssuche        Suche in 187964 CVE Beschreibungen
und 85075 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.800208
Kategorie:Windows
Titel:Microsoft Internet Explorer Anti-XSS Filter Vulnerabilities
Zusammenfassung:The host is installed with Internet Explorer and is prone to; anti-xss filter vulnerabilities.
Beschreibung:Summary:
The host is installed with Internet Explorer and is prone to
anti-xss filter vulnerabilities.

Vulnerability Insight:
These flaws are due to,

- Injections facilitated by some HTTP headers are not currently blocked.

- Injections into some contexts are not blocked where contents can be
injected directly into JavaScript without breaking out a string.

- Allowing access to the attacker to inject XSS string in 2 different HTML
positions.

- It lets the attacker execute XSS attacks using CRLF sequence in
conjunction with a crafted Content-Type header.

Vulnerability Impact:
Successful exploitation will let the attacker execute arbitrary codes in the
context of the application and can perform the XSS attacks on the remote hosts without any consent of IE.

Affected Software/OS:
Microsoft Windows Platform with Internet Explorer 8.0 Beta 2.

Solution:
No known solution was made available for at least one year since the disclosure of
this vulnerability. Likely none will be provided anymore. General solution options are to upgrade to a newer release,
disable respective features, remove the product or replace the product by another one.

CVSS Score:
4.3

CVSS Vector:
AV:N/AC:M/Au:N/C:N/I:P/A:N

Querverweis: BugTraq ID: 32780
Common Vulnerability Exposure (CVE) ID: CVE-2008-5551
http://www.securityfocus.com/bid/32780
Bugtraq: 20081211 Aspect9: Internet Explorer 8.0 Beta 2 Anti-XSS Filter Vulnerabilities (Google Search)
http://www.securityfocus.com/archive/1/499124/100/0/threaded
http://securityreason.com/securityalert/4724
XForce ISS Database: ie-antixss-xss(47277)
https://exchange.xforce.ibmcloud.com/vulnerabilities/47277
Common Vulnerability Exposure (CVE) ID: CVE-2008-5552
XForce ISS Database: ie-contenttype-xss-filter-bypass(47441)
https://exchange.xforce.ibmcloud.com/vulnerabilities/47441
Common Vulnerability Exposure (CVE) ID: CVE-2008-5553
XForce ISS Database: ie-xxssprotection-xss-filter-bypass(47442)
https://exchange.xforce.ibmcloud.com/vulnerabilities/47442
Common Vulnerability Exposure (CVE) ID: CVE-2008-5554
XForce ISS Database: ie-locationsetcookie-xss-filter-bypass(47443)
https://exchange.xforce.ibmcloud.com/vulnerabilities/47443
Common Vulnerability Exposure (CVE) ID: CVE-2008-5555
XForce ISS Database: ie-xdomainrequestallowed-xss-filter-bypass(47444)
https://exchange.xforce.ibmcloud.com/vulnerabilities/47444
Common Vulnerability Exposure (CVE) ID: CVE-2008-5556
CopyrightCopyright (C) 2008 Greenbone Networks GmbH

Dies ist nur einer von 85075 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2020 E-Soft Inc. Alle Rechte vorbehalten.