5.8
CVE-2011-1244
- EPSS 15.14%
- Veröffentlicht 13.04.2011 18:55:01
- Zuletzt bearbeitet 16.06.2026 23:29:00
- Quelle secure@microsoft.com
- CVE-Watchlists
- Unerledigt
Microsoft Internet Explorer 6, 7, and 8 does not enforce intended domain restrictions on content access, which allows remote attackers to obtain sensitive information or conduct clickjacking attacks via a crafted web site, aka "Frame Tag Information Disclosure Vulnerability."
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Microsoft ≫ Internet Explorer Version6
Microsoft ≫ Windows Server 2003 Version- Updatesp2
Microsoft ≫ Windows Xp Version- Updatesp2 HwPlatformx64
Microsoft ≫ Windows Xp Version- Updatesp3
Microsoft ≫ Windows Xp Version- Updatesp2 HwPlatformx64
Microsoft ≫ Windows Xp Version- Updatesp3
Microsoft ≫ Internet Explorer Version7
Microsoft ≫ Windows Server 2003 Version- Updatesp2
Microsoft ≫ Windows Server 2008 Version- Update-
Microsoft ≫ Windows Server 2008 Version- Updatesp2
Microsoft ≫ Windows Vista Version- Updatesp1
Microsoft ≫ Windows Vista Version- Updatesp2
Microsoft ≫ Windows Xp Version- Updatesp2 SwEditionprofessional HwPlatformx64
Microsoft ≫ Windows Xp Version- Updatesp3
Microsoft ≫ Windows Server 2008 Version- Update-
Microsoft ≫ Windows Server 2008 Version- Updatesp2
Microsoft ≫ Windows Vista Version- Updatesp1
Microsoft ≫ Windows Vista Version- Updatesp2
Microsoft ≫ Windows Xp Version- Updatesp2 SwEditionprofessional HwPlatformx64
Microsoft ≫ Windows Xp Version- Updatesp3
Microsoft ≫ Internet Explorer Version8
Microsoft ≫ Windows 7 Version-
Microsoft ≫ Windows Server 2003 Version- Updatesp2
Microsoft ≫ Windows Server 2008 Version- Update-
Microsoft ≫ Windows Server 2008 Version- Updatesp2
Microsoft ≫ Windows Server 2008 Versionr2
Microsoft ≫ Windows Vista Version- Updatesp1
Microsoft ≫ Windows Vista Version- Updatesp2
Microsoft ≫ Windows Xp Version- Updatesp2 SwEditionprofessional HwPlatformx64
Microsoft ≫ Windows Xp Version- Updatesp3
Microsoft ≫ Windows Server 2003 Version- Updatesp2
Microsoft ≫ Windows Server 2008 Version- Update-
Microsoft ≫ Windows Server 2008 Version- Updatesp2
Microsoft ≫ Windows Server 2008 Versionr2
Microsoft ≫ Windows Vista Version- Updatesp1
Microsoft ≫ Windows Vista Version- Updatesp2
Microsoft ≫ Windows Xp Version- Updatesp2 SwEditionprofessional HwPlatformx64
Microsoft ≫ Windows Xp Version- Updatesp3
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 15.14% | 0.963 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.8 | 8.6 | 4.9 |
AV:N/AC:M/Au:N/C:P/I:P/A:N
|
CWE-1021 Improper Restriction of Rendered UI Layers or Frames
The web application does not restrict or incorrectly restricts frame objects or UI layers that belong to another application or domain.
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-018
http://www.securitytracker.com/id?1025327
http://osvdb.org/71777
http://www.securityfocus.com/bid/47191
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11926