Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The Microsoft Java implementation, as used in Internet Explorer, allows remote attackers to steal cookies and execute script in a different security context via a URL that contains a colon in the domain portion, which is not properly parsed and loads an applet from a malicious site within the security context of the site that is being visited by the user.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Microsoft JVM URI解析漏洞
Vulnerability Description
Microsoft JVM是一款使用在Win32操作环境中的Java虚拟机系统,Microsoft JVM包含在大部分Windows版本中,也既包含在大部分Internet Explorer版本中。Microsoft JVM有时也可以通过独立下载获得。 Microsoft JVM解析URI内容时缺少检查,远程攻击者可以利用这个漏洞欺骗目标用户,窃取目标用户基于认证的Cookie信息。 如果URI中包含冒号用于指定端口号,Java代码处理时就会发生错误。如使用户把地址 80@www.bank.com/ban
CVSS Information
N/A
Vulnerability Type
N/A