Back to search
CVE-2007-1114
Published: Feb 26, 2007
Modified: Aug 7, 2024
PUBLISHED
Description
The child frames in Microsoft Internet Explorer 7 inherit the default charset from the parent window when a charset is not specified in an HTTP Content-Type header or META tag, which allows remote attackers to conduct cross-site scripting (XSS) attacks, as demonstrated using the UTF-7 character set.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
22701
vdb-entry
x_refsource_BID
24314
third-party-advisory
x_refsource_SECUNIA
20070223 Advisory 03/2007: Multiple Browsers Cross Domain Charset Inheritance Vulnerability
mailing-list
x_refsource_BUGTRAQ
http://www.hardened-php.net/advisory_032007.142.html
x_refsource_MISC
ADV-2007-0744
vdb-entry
x_refsource_VUPEN
32119
vdb-entry
x_refsource_OSVDB
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now