NVD

Id
61959  
Name
CVE-2006-3280  
Description
Cross-domain vulnerability in Microsoft Internet Explorer 6.0 allows remote attackers to access restricted information from other domains via an object tag with a data parameter that references a link on the attacker"s originating site that specifies a Location HTTP header that references the target site, which then makes that content available through the outerHTML attribute of the object, aka "Redirect Cross-Domain Information Disclosure Vulnerability."  
Reject
 
CVSS Version
2  
CVSS Score
7.5  
Severity
High  
CVSS Base Score
7.5  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:P/I:P/A:P)  
Pub Date
2016-12-20  
Published
2006-06-28  
Modified Date
2011-03-07  
Seq
2006-3280  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
320741 61959 CVE-2006-3280 20060627 IE_ONE_MINOR_ONE_MAJOR  View
320742 61959 CVE-2006-3280 http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20060627/3d930eda/PLEBO-2006.06.16-IE_ONE_MINOR_ONE_MAJOR.obj  View
320743 61959 CVE-2006-3280 oval:org.mitre.oval:def:738  View
320744 61959 CVE-2006-3280 1016388  View
320745 61959 CVE-2006-3280 VU#883108  View
320746 61959 CVE-2006-3280 MS06-042  View
320747 61959 CVE-2006-3280 20060630 Browser bugs hit IE, Firefox today (SANS)  View
320748 61959 CVE-2006-3280 20060630 Re: [Full-disclosure] Browser bugs hit IE, Firefox today (SANS)  View
320749 61959 CVE-2006-3280 20060630 ISC: Firefox immune to outerHTML flaw in MSIE [Was: Browser bugs hit IE, Firefox]  View
320750 61959 CVE-2006-3280 20060630 RE: [Full-disclosure] Browser bugs hit IE, Firefox today (SANS)  View
320751 61959 CVE-2006-3280 20060630 Re: Browser bugs hit IE, Firefox today (SANS)  View
320752 61959 CVE-2006-3280 20060704 Re: Browser bugs hit IE, Firefox today (SANS)  View
320753 61959 CVE-2006-3280 18682  View
320754 61959 CVE-2006-3280 TA06-220A  View
320755 61959 CVE-2006-3280 ADV-2006-2553  View
320756 61959 CVE-2006-3280 ADV-2006-3212  View
320757 61959 CVE-2006-3280 ie-redirection-information-disclosure(27452)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
58161 JVNDB-2006-000357 Microsoft Internet Explorer における不適切な Object の処理によるサービス運用妨害 (DoS) の脆弱性 Microsoft Internet Explorer には、 Object 要素内のデータの取り扱いに不備があり、 gzip などで圧縮して配信される Web コンテンツにリダイレクトする処理が行われた場合、クロスドメインセキュリティモデルによる制限が適用されない脆弱性が存在します。 CVE-2006-3280 19382 CVE-2006-3280 61959 7.5 http://jvndb.jvn.jp/ja/contents/2006/JVNDB-2006-000357.html 2006-06-27 2007-04-01 View