Windows : Microsoft Internet Explorer Information Disclosure Vulnerability (2501696)

Anfälligkeitssuche		Suche in 324607 CVE Beschreibungen und 146377 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.0.902285

Kategorie: Windows

Titel: Microsoft Internet Explorer Information Disclosure Vulnerability (2501696)

Zusammenfassung: Internet Explorer is prone to an information disclosure vulnerability.;; This VT has been deprecated and replaced by the VT with the OID: 1.3.6.1.4.1.25623.1.0.902409.

Beschreibung: Summary:
Internet Explorer is prone to an information disclosure vulnerability.

This VT has been deprecated and replaced by the VT with the OID: 1.3.6.1.4.1.25623.1.0.902409.

Vulnerability Insight:
The vulnerability exists due to the way MHTML interprets MIME-formatted
requests for content blocks within a document, which allows an attacker to
inject a client-side script in the response of a Web request run in the
context of the victim's Internet Explorer.

Vulnerability Impact:
Successful exploitation will allow remote attackers to spoof content,
disclose information or take any action that the user could take on the
affected Web site on behalf of the targeted user.

Affected Software/OS:
Internet Explorer Version 5.x, 6.x, 7.x and 8.x

Solution:
Apply the update from the referenced advisory.

CVSS Score:
4.3

CVSS Vector:
AV:N/AC:M/Au:N/C:N/I:P/A:N

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2011-0096
BugTraq ID: 46055
http://www.securityfocus.com/bid/46055
Cert/CC Advisory: TA11-102A
http://www.us-cert.gov/cas/techalerts/TA11-102A.html
CERT/CC vulnerability note: VU#326549
http://www.kb.cert.org/vuls/id/326549
http://www.exploit-db.com/exploits/16071
http://www.80vul.com/webzine_0x05/0x05%20IE%E4%B8%8BMHTML%E5%8D%8F%E8%AE%AE%E5%B8%A6%E6%9D%A5%E7%9A%84%E8%B7%A8%E5%9F%9F%E5%8D%B1%E5%AE%B3.html
Microsoft Security Bulletin: MS11-026
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-026
http://osvdb.org/70693
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6956
http://www.securitytracker.com/id?1025003
http://secunia.com/advisories/43093
http://www.vupen.com/english/advisories/2011/0242
XForce ISS Database: ms-win-mhtml-info-disclosure(65000)
https://exchange.xforce.ibmcloud.com/vulnerabilities/65000

Copyright Copyright (C) 2011 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.0.902285
Kategorie:	Windows
Titel:	Microsoft Internet Explorer Information Disclosure Vulnerability (2501696)
Zusammenfassung:	Internet Explorer is prone to an information disclosure vulnerability.;; This VT has been deprecated and replaced by the VT with the OID: 1.3.6.1.4.1.25623.1.0.902409.
Beschreibung:	Summary: Internet Explorer is prone to an information disclosure vulnerability. This VT has been deprecated and replaced by the VT with the OID: 1.3.6.1.4.1.25623.1.0.902409. Vulnerability Insight: The vulnerability exists due to the way MHTML interprets MIME-formatted requests for content blocks within a document, which allows an attacker to inject a client-side script in the response of a Web request run in the context of the victim's Internet Explorer. Vulnerability Impact: Successful exploitation will allow remote attackers to spoof content, disclose information or take any action that the user could take on the affected Web site on behalf of the targeted user. Affected Software/OS: Internet Explorer Version 5.x, 6.x, 7.x and 8.x Solution: Apply the update from the referenced advisory. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2011-0096 BugTraq ID: 46055 http://www.securityfocus.com/bid/46055 Cert/CC Advisory: TA11-102A http://www.us-cert.gov/cas/techalerts/TA11-102A.html CERT/CC vulnerability note: VU#326549 http://www.kb.cert.org/vuls/id/326549 http://www.exploit-db.com/exploits/16071 http://www.80vul.com/webzine_0x05/0x05%20IE%E4%B8%8BMHTML%E5%8D%8F%E8%AE%AE%E5%B8%A6%E6%9D%A5%E7%9A%84%E8%B7%A8%E5%9F%9F%E5%8D%B1%E5%AE%B3.html Microsoft Security Bulletin: MS11-026 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-026 http://osvdb.org/70693 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6956 http://www.securitytracker.com/id?1025003 http://secunia.com/advisories/43093 http://www.vupen.com/english/advisories/2011/0242 XForce ISS Database: ms-win-mhtml-info-disclosure(65000) https://exchange.xforce.ibmcloud.com/vulnerabilities/65000
Copyright	Copyright (C) 2011 Greenbone AG