| Revision Date: | 2015-08-03 | Version: | 51 | | Title: | Window Location Information Disclosure Vulnerability | | Description: | Microsoft Internet Explorer 5.01 and 6 allows certain script to persist across navigations between pages, which allows remote attackers to obtain the window location of visited web pages in other domains or zones, aka "Window Location Information Disclosure Vulnerability." | | Family: | windows | Class: | vulnerability | | Status: | ACCEPTED | Reference(s): | CVE-2006-3640
| | Platform(s): | Microsoft Windows 2000
Microsoft Windows Server 2003
Microsoft Windows XP
| Product(s): | Microsoft Internet Explorer
| | Definition Synopsis | | Server 2003-Gold Microsoft Windows Server 2003 (x86) Gold is installed
AND Microsoft Internet Explorer 6 is installed
AND the version of mshtml.dll is less than 6.0.3790.554
XP,SP1 (64-bit) and Server 2003, SP1
Windows XP (64-bit,SP1) or Server 2003 (SP1) is installed
Microsoft Windows XP SP1 (64-bit) is installed
OR Microsoft Windows Server 2003 SP1 (x86) is installed
AND Microsoft Internet Explorer 6 is installed
AND the version of mshtml.dll is less than 6.0.3790.2759
IE 6 on Windows XP,SP2
Microsoft Windows XP SP2 or later is installed
AND Microsoft Internet Explorer 6 is installed
AND Mshtml.dll version is less than 6.0.2900.2963
IE 6 on Windows 2000 or XP,SP1 (32-bit)
Win2K,SP4 or XP,SP1 (32-bit) is installed
Microsoft Windows 2000 SP4 or later is installed
OR Microsoft Windows XP SP1 (32-bit) is installed
AND Microsoft Internet Explorer 6 is installed
AND the version of mshtml.dll is less than 6.0.2800.1561
IE 5.01,SP4 on Win2k,SP4
Microsoft Windows 2000 SP4 or later is installed
AND Microsoft Internet Explorer 5.01 SP4 is installed
AND the version of mshtml.dll is less than 5.0.3842.3000
|
|