Описание
Internet Explorer Information Disclosure Vulnerability
An information disclosure vulnerability exists when Internet Explorer improperly handles page content, which could allow an attacker to detect the navigation of the user leaving a maliciously crafted page.
To exploit the vulnerability, in a web-based attack scenario, an attacker could host a specially crafted website. In addition, compromised websites and websites that accept or host user-provided content could contain specially crafted content that could exploit the vulnerability.
The security update addresses the vulnerability by changing how page content is handled by Internet Explorer.
Обновления
| Продукт | Статья | Обновление |
|---|---|---|
| Internet Explorer 10 on Windows Server 2012 | ||
| Internet Explorer 9 on Windows Server 2008 for 32-bit Systems Service Pack 2 | ||
| Internet Explorer 9 on Windows Server 2008 for x64-based Systems Service Pack 2 | ||
| Internet Explorer 11 on Windows 10 Version 1703 for 32-bit Systems | ||
| Internet Explorer 11 on Windows 10 Version 1703 for x64-based Systems | ||
| Internet Explorer 11 on Windows 10 for 32-bit Systems | ||
| Internet Explorer 11 on Windows 10 for x64-based Systems | ||
| Internet Explorer 11 on Windows 10 Version 1511 for 32-bit Systems | ||
| Internet Explorer 11 on Windows 10 Version 1511 for x64-based Systems | ||
| Internet Explorer 11 on Windows 10 Version 1607 for 32-bit Systems |
Показывать по
Возможность эксплуатации
Publicly Disclosed
Exploited
Latest Software Release
Older Software Release
EPSS
2.4 Low
CVSS3
Связанные уязвимости
Internet Explorer in Microsoft Microsoft Windows 7 SP1, Windows Server 2008 SP2, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to detect the navigation of the user leaving a maliciously crafted page, due to how page content is handled by Internet Explorer, aka "Internet Explorer Information Disclosure Vulnerability".
Internet Explorer in Microsoft Microsoft Windows 7 SP1, Windows Server 2008 SP2, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to detect the navigation of the user leaving a maliciously crafted page, due to how page content is handled by Internet Explorer, aka "Internet Explorer Information Disclosure Vulnerability".
EPSS
2.4 Low
CVSS3