| Revision Date: | 2014-08-18 | Version: | 51 | | Title: | XSS Filter Script Handling Vulnerability | | Description: | The XSS Filter in Microsoft Internet Explorer 8 allows remote attackers to leverage the "response-changing mechanism" to conduct cross-site scripting (XSS) attacks against web sites that have no inherent XSS vulnerabilities, related to the details of output encoding and improper modification of an HTML attribute, aka "XSS Filter Script Handling Vulnerability." | | Family: | windows | Class: | vulnerability | | Status: | ACCEPTED | Reference(s): | CVE-2009-4074
| | Platform(s): | Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows XP
| Product(s): | Microsoft Internet Explorer
| | Definition Synopsis | | IE8/XP x86/x64, Server 2003 x86/x64 XP x86/x64, Server 2003 x86/x64
Microsoft Windows XP (32-bit) is installed
OR Microsoft Windows XP x64 is installed
OR Microsoft Windows Server 2003 (32-bit) is installed
OR Microsoft Windows Server 2003 (x64) is installed
AND Microsoft Internet Explorer 8 is installed
AND Mshtml.dll version is greater than 8.0.6001.18000
AND Mshtml.dll version is less than 8.0.6001.18876
OR IE8/XP x86/x64, Server 2003 x86/x64
XP x86/x64, Server 2003 x86/x64
Microsoft Windows XP (32-bit) is installed
OR Microsoft Windows XP x64 is installed
OR Microsoft Windows Server 2003 (32-bit) is installed
OR Microsoft Windows Server 2003 (x64) is installed
AND Microsoft Internet Explorer 8 is installed
AND Mshtml.dll version is greater than 8.0.6001.22000
AND Mshtml.dll version is less than 8.0.6001.22967
OR IE8/Vista x86/x64, Server 2008 x86/x64
Vista x86/x64, Server 2008 x86/x64
Microsoft Windows Vista (32-bit) is installed
OR Microsoft Windows Vista x64 Edition is installed
OR Microsoft Windows Server 2008 (32-bit) is installed
OR Microsoft Windows Server 2008 (64-bit) is installed
AND Microsoft Internet Explorer 8 is installed
AND Mshtml.dll version is greater than 8.0.6001.18000
AND Mshtml.dll version is less than 8.0.6001.18882
OR IE8/Vista x86/x64, Server 2008 x86/x64
Vista x86/x64, Server 2008 x86/x64
Microsoft Windows Vista (32-bit) is installed
OR Microsoft Windows Vista x64 Edition is installed
OR Microsoft Windows Server 2008 (32-bit) is installed
OR Microsoft Windows Server 2008 (64-bit) is installed
AND Microsoft Internet Explorer 8 is installed
AND Mshtml.dll version is greater than 8.0.6001.22000
AND Mshtml.dll version is less than 8.0.6001.22973
OR IE8/7 x86/x64, Server 2008 R2 x64/ia64
7 x86/x64, Server 2008 R2 x64/ia64
Microsoft Windows 7 (32-bit) is installed
OR Microsoft Windows 7 x64 Edition is installed
OR Microsoft Windows Server 2008 R2 x64 Edition is installed
OR Microsoft Windows Server 2008 R2 Itanium-Based Edition is installed
AND Microsoft Internet Explorer 8 is installed
AND Mshtml.dll version is greater than or equal 8.0.7600.16000
AND Mshtml.dll version is less than 8.0.7600.16490
OR IE8/7 x86/x64, Server 2008 R2 x64/ia64
7 x86/x64, Server 2008 R2 x64/ia64
Microsoft Windows 7 (32-bit) is installed
OR Microsoft Windows 7 x64 Edition is installed
OR Microsoft Windows Server 2008 R2 x64 Edition is installed
OR Microsoft Windows Server 2008 R2 Itanium-Based Edition is installed
AND Microsoft Internet Explorer 8 is installed
AND Mshtml.dll version is greater than or equal 8.0.7600.20000
AND Mshtml.dll version is less than 8.0.7600.20600
|
|