Test Kennung:	1.3.6.1.4.1.25623.1.0.902246
Kategorie:	Windows
Titel:	Microsoft Internet Explorer 'toStaticHTML()' XSS Vulnerability
Zusammenfassung:	Internet Explorer is prone to a cross-site scripting (XSS); vulnerability.;; This VT has been deprecated and replaced by the VT with the OID: 1.3.6.1.4.1.25623.1.0.901162.
Beschreibung:	Summary: Internet Explorer is prone to a cross-site scripting (XSS) vulnerability. This VT has been deprecated and replaced by the VT with the OID: 1.3.6.1.4.1.25623.1.0.901162. Vulnerability Insight: The flaw is due to error in the 'toStaticHTML()' which is not properly handling the 'Cascading Style Sheets (CSS)'. Vulnerability Impact: Successful exploitation will allow remote attackers to bypass the cross-site scripting (XSS) protection mechanism and conduct XSS attacks. Affected Software/OS: Microsoft Internet Explorer version 8.x to 8.0.6001.18702. Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2010-3324 Cert/CC Advisory: TA10-285A http://www.us-cert.gov/cas/techalerts/TA10-285A.html http://archives.neohapsis.com/archives/fulldisclosure/2010-08/0179.html http://www.wooyun.org/bug.php?action=view&id=189 Microsoft Security Bulletin: MS10-071 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-071 Microsoft Security Bulletin: MS10-072 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-072 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7297
Copyright	Copyright (C) 2010 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.