QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2006-3280

Back to search

CVE-2006-3280

Published: Jun 28, 2006

Modified: Aug 7, 2024

PUBLISHED

Description

Cross-domain vulnerability in Microsoft Internet Explorer 6.0 allows remote attackers to access restricted information from other domains via an object tag with a data parameter that references a link on the attacker's originating site that specifies a Location HTTP header that references the target site, which then makes that content available through the outerHTML attribute of the object, aka "Redirect Cross-Domain Information Disclosure Vulnerability."

VendorProductVersions

n/a

n/a

affected
n/a

References

20060627 IE_ONE_MINOR_ONE_MAJOR
mailing-list
x_refsource_FULLDISC
20825
third-party-advisory
x_refsource_SECUNIA
MS06-042
vendor-advisory
x_refsource_MS
VU#883108
third-party-advisory
x_refsource_CERT-VN
1016388
vdb-entry
x_refsource_SECTRACK
21396
third-party-advisory
x_refsource_SECUNIA
ADV-2006-3212
vdb-entry
x_refsource_VUPEN
TA06-220A
third-party-advisory
x_refsource_CERT
oval:org.mitre.oval:def:738
vdb-entry
signature
x_refsource_OVAL
18682
vdb-entry
x_refsource_BID
ADV-2006-2553
vdb-entry
x_refsource_VUPEN

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now