Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-4689

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2011-4689
Last Modified 06 Mar 2012 12:00:00
Published 07 Dec 2011 02:55:03
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2011-4689

Summary

Microsoft Internet Explorer 6 through 9 does not prevent capture of data about the times of Same Origin Policy violations during IFRAME loading attempts, which makes it easier for remote attackers to determine whether a document exists in the browser cache via crafted JavaScript code.

Vulnerable Systems

Application

  • Microsoft Ie 6

  • Microsoft Ie 7

  • Microsoft Ie 8

  • Microsoft Ie 9


References

SECUNIA - 47129

MISC - http://lcamtuf.coredump.cx/cachetime/


Last Updated: 27 May 2016 10:57:50