Release DateOct 16, 2008 |
Severitymedium |
ImpactSecurity Bypass: remote attackers can bypass security checking of vulnerable systems. |
DescriptionThis indicates an attempt to exploit a security bypass vulnerability in Microsoft Internet Explorer (IE).A vulnerability has been reported in IE that may allow an attacker to bypass security checking on a vulnerable system. This is possible because the vulnerable software fails to properly sanitize the Event Handling method used by malicious scripts. An attacker may access some objects in another domain or steal private information by tricking the user to access a malicious web page. |
Affected ProductsInternet Explorer 6Internet Explorer 6 Service Pack 1 Internet Explorer 7 |
Recommended ActionsRefer to the vendor's web site for suggested workaround.http://www.microsoft.com/technet/security/Bulletin/ms08-058.mspx |
Coverage IPS
VCM |
Common Vulnerabilities and Exposures (CVE)CVE-2008-3473 |
Reference/shttp://www.microsoft.com/technet/security/Bulletin/ms08-058.mspx (MS-ID) |
