Guest Dan Posted July 8, 2008 Posted July 8, 2008 I thought I would post the security advisories here for those of us using Internet Explorer since many of us dual-boot with Windows XP. It is nice that Mozilla Firefox vulnerabilities have been addressed with the newest version but it looks like it is time for Microsoft to have security updates with Internet Explorer. http://www.us-cert.gov/cas/bulletins/SB08-189.html Microsoft -- Internet Explorer Cross-domain vulnerability in Microsoft Internet Explorer 6 allows remote attackers to access restricted information from other domains via JavaScript that uses the Object data type for the value of a (1) location or (2) location.href property. unknown 2008-06-30 6.8 CVE-2008-2947 OTHER-REF OTHER-REF CERT-VN BID XF Microsoft -- Internet Explorer Cross-domain vulnerability in Microsoft Internet Explorer 7 and 8 allows remote attackers to change the location property of a frame via the Object data type, and use a frame from a different domain to observe domain-independent events, as demonstrated by observing onkeydown events with caballero-listener. unknown 2008-06-30 6.8 CVE-2008-2948 OTHER-REF OTHER-REF OTHER-REF OTHER-REF CERT-VN Microsoft -- Internet Explorer Cross-domain vulnerability in Microsoft Internet Explorer 6 and 7 allows remote attackers to change the location property of a frame via the String data type, and use a frame from a different domain to observe domain-independent events, as demonstrated by observing onkeydown events with caballero-listener. unknown 2008-06-30 6.8 CVE-2008-2949 OTHER-REF OTHER-REF OTHER-REF CERT-VN
Recommended Posts