Microsoft : Security Vulnerabilities, CVEs, Published In December 2011 (Information Leak)

CVE-2011-3404

Microsoft Internet Explorer 6 through 9 does not properly use the Content-Disposition HTTP header to control rendering of the HTTP response body, which allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site, aka "Content-Disposition Information Disclosure Vulnerability."
Max CVSS
4.3
EPSS Score
1.27%
Published
2011-12-14
Updated
2022-03-01

CVE-2011-1992

The XSS Filter in Microsoft Internet Explorer 8 allows remote attackers to read content from a different (1) domain or (2) zone via a "trial and error" attack, aka "XSS Filter Information Disclosure Vulnerability."
Max CVSS
4.3
EPSS Score
9.56%
Published
2011-12-14
Updated
2022-03-01

CVE-2002-2435

The Cascading Style Sheets (CSS) implementation in Microsoft Internet Explorer 8.0 and earlier does not properly handle the :visited pseudo-class, which allows remote attackers to obtain sensitive information about visited web pages via a crafted HTML document, a related issue to CVE-2010-2264.
Max CVSS
4.3
EPSS Score
0.58%
Published
2011-12-07
Updated
2021-07-23
3 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close