A cookiejacking vulnerability is present in Microsoft Internet Explorer 9 and before.Deprecated |
ID: oval:org.secpod.oval:def:1243 | Date: (C)2011-06-21 (M)2023-11-09 |
Class: VULNERABILITY | Family: windows |
The host is installed with Microsoft Internet Explorer browser and is prone to a cookiejacking vulnerability. A flaw is present in the browser, which allows remote attacker to read cookie files via vectors involving an IFRAME element with a SRC attribute. Successful exploitation could allow a remote attacker to gain sensitive information like cookie value of the remote user.
Platform: |
Microsoft Windows 2000 |
Microsoft Windows 7 |
Microsoft Windows Server 2003 |
Microsoft Windows Server 2008 |
Microsoft Windows Vista |
Microsoft Windows XP |
Product: |
Microsoft Internet Explorer |