Microsoft Internet Explorer Information Disclosure Vulnerability (980088) Network Vulnerability

Summary

The host is installed with Internet Explorer and is prone to Information Disclosure vulnerability. This NVT has been replaced by NVT secpod_ms10-035.nasl (OID:1.3.6.1.4.1.25623.1.0.902191).

Impact

Successful exploitation will allow remote attackers to gain knowledge of sensitive information. Impact Level:System/ Application

Solution

Apply the patch from below link, http://support.microsoft.com/kb/980088 Workaround: Apply workaround as in the advisory.

Insight

The issue is due to the browser failing to prevent local content from being rendered as HTML via the 'file://' protocol, which could allow attackers to access files with an already known filename and location on a vulnerable system.

Affected

Internet Explorer Version 5.x, 6.x, 7.x , 8.x

References

http://support.microsoft.com/kb/980088
http://www.microsoft.com/technet/security/advisory/980088.mspx
http://www.vupen.com/english/advisories/2010/0291

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-0255

CVSS	Base Score: 4.3 AV:N/AC:M/Au:N/C:P/I:N/A:N

Related Vulnerabilities

Apache Tomcat Default Accounts
Aardvark Topsites Multiple Vulnerabilities
Apple Safari Multiple Memory Corruption Vulnerabilities-01 Aug14 (Mac OS X)
Adobe Reader Information Disclosure & Denial of Service Vulnerabilities (Windows)
Adobe Products Unspecified Cross-Site Scripting Vulnerability June-2011 (Windows)

Take action and discover your vulnerabilities