Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Microsoft Internet Explorer 5.01 SP4; 6 SP1; 6 and 7 for Windows XP SP2 and SP3; 6 and 7 for Server 2003 SP2; 7 for Vista Gold, SP1, and SP2; and 7 for Server 2008 SP2 does not prevent HTML rendering of cached content, which allows remote attackers to bypass the Same Origin Policy via unspecified vectors, aka "Cross-Domain Information Disclosure Vulnerability."
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Microsoft IE缓存内容跨域信息泄露漏洞
Vulnerability Description
Internet Explorer是Windows操作系统中默认捆绑的WEB浏览器 。 如果以UNC形式指定了URI(如\MACHINE_NAME_OR_IPPATH_TO_RESOURCE)的话,IE强制区域安全策略的方式存在一些问题。在这种情况下,IE将任何指向IP地址(包括127.0.0.1)的UNC地址归类为Internet区,因此,属于任何安全区域的任意网站可以将导航流重新定向到\127.0.0.1上所存储的文件。 如果控制了网站的攻击者能够设法在用户的本地文件系统上存储包含有脚本代码的HTML
CVSS Information
N/A
Vulnerability Type
N/A