Microsoft Internet Explorer Domain Policy Bypass Vulnerability Network Vulnerability

Summary

This host is installed with Microsoft Internet Explorer and is prone to domain policy bypass vulnerability.

Impact

Successful exploitation will allow attackers to disclosure the information when a user views a specially crafted webpage. Impact Level: Application

Solution

Upgrade to Internet Explorer 10. For updates refer to http://ie.microsoft.com/testdrive/info/downloads

Insight

The flaw due to error in UNC share pathname in SRC attribute of a SCRIPT element, which allows attackers to obtain sensitive information about the existence of files and read certain data from files.

Affected

Microsoft Internet Explorer version 6.x/7.x/8.x/9.x on Windows XP and 2003

References

http://www.security-database.com/detail.php?alert=CVE-2012-6502

Updated on 2017-03-28

Severity

Classification

CVE CVE-2012-6502

CVSS	Base Score: 2.6 AV:N/AC:H/Au:N/C:P/I:N/A:N

Related Vulnerabilities

Microsoft's SQL UDP Info Query
SMB Test
SMB Registry : Windows Service Pack version
SMB Windows Detection
RIS Installation Check

Take action and discover your vulnerabilities