QwikSec

Security Database

CVE

CWE

Training

CVE-2009-4074

Published: Nov 25, 2009

Modified: Aug 7, 2024

PUBLISHED

Description

The XSS Filter in Microsoft Internet Explorer 8 allows remote attackers to leverage the "response-changing mechanism" to conduct cross-site scripting (XSS) attacks against web sites that have no inherent XSS vulnerabilities, related to the details of output encoding and improper modification of an HTML attribute, aka "XSS Filter Script Handling Vulnerability."

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

oval:org.mitre.oval:def:7715

vdb-entry

signature

x_refsource_OVAL

http://www.theregister.co.uk/2009/11/20/internet_explorer_security_flaw/

x_refsource_MISC

http://hackademix.net/2009/11/21/ies-xss-filter-creates-xss-vulnerabilities/

x_refsource_MISC

http://www.owasp.org/images/5/50/OWASP-Italy_Day_IV_Maone.pdf

x_refsource_MISC

vdb-entry

x_refsource_BID

vendor-advisory

x_refsource_MS

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.