Dan
July 8th 08, 12:21 PM
I thought I would post the security advisories here for those of us using
Internet Explorer since many of us dual-boot with Windows XP. It is nice
that Mozilla Firefox vulnerabilities have been addressed with the newest
version but it looks like it is time for Microsoft to have security updates
with Internet Explorer.
http://www.us-cert.gov/cas/bulletins/SB08-189.html
Microsoft -- Internet Explorer
Cross-domain vulnerability in Microsoft Internet Explorer 6 allows remote
attackers to access restricted information from other domains via JavaScript
that uses the Object data type for the value of a (1) location or (2)
location.href property.
unknown
2008-06-30
6.8 CVE-2008-2947
OTHER-REF
OTHER-REF
CERT-VN
BID
XF
Microsoft -- Internet Explorer
Cross-domain vulnerability in Microsoft Internet Explorer 7 and 8 allows
remote attackers to change the location property of a frame via the Object
data type, and use a frame from a different domain to observe
domain-independent events, as demonstrated by observing onkeydown events with
caballero-listener.
unknown
2008-06-30
6.8 CVE-2008-2948
OTHER-REF
OTHER-REF
OTHER-REF
OTHER-REF
CERT-VN
Microsoft -- Internet Explorer
Cross-domain vulnerability in Microsoft Internet Explorer 6 and 7 allows
remote attackers to change the location property of a frame via the String
data type, and use a frame from a different domain to observe
domain-independent events, as demonstrated by observing onkeydown events with
caballero-listener.
unknown
2008-06-30
6.8 CVE-2008-2949
OTHER-REF
OTHER-REF
OTHER-REF
CERT-VN
Internet Explorer since many of us dual-boot with Windows XP. It is nice
that Mozilla Firefox vulnerabilities have been addressed with the newest
version but it looks like it is time for Microsoft to have security updates
with Internet Explorer.
http://www.us-cert.gov/cas/bulletins/SB08-189.html
Microsoft -- Internet Explorer
Cross-domain vulnerability in Microsoft Internet Explorer 6 allows remote
attackers to access restricted information from other domains via JavaScript
that uses the Object data type for the value of a (1) location or (2)
location.href property.
unknown
2008-06-30
6.8 CVE-2008-2947
OTHER-REF
OTHER-REF
CERT-VN
BID
XF
Microsoft -- Internet Explorer
Cross-domain vulnerability in Microsoft Internet Explorer 7 and 8 allows
remote attackers to change the location property of a frame via the Object
data type, and use a frame from a different domain to observe
domain-independent events, as demonstrated by observing onkeydown events with
caballero-listener.
unknown
2008-06-30
6.8 CVE-2008-2948
OTHER-REF
OTHER-REF
OTHER-REF
OTHER-REF
CERT-VN
Microsoft -- Internet Explorer
Cross-domain vulnerability in Microsoft Internet Explorer 6 and 7 allows
remote attackers to change the location property of a frame via the String
data type, and use a frame from a different domain to observe
domain-independent events, as demonstrated by observing onkeydown events with
caballero-listener.
unknown
2008-06-30
6.8 CVE-2008-2949
OTHER-REF
OTHER-REF
OTHER-REF
CERT-VN