ID CVE-2008-2281
Summary Cross-zone scripting vulnerability in the Print Table of Links feature in Internet Explorer 6.0, 7.0, and 8.0b allows user-assisted remote attackers to inject arbitrary web script or HTML in the Local Machine Zone via an HTML document with a link containing JavaScript sequences, which are evaluated by a resource script when a user prints this document.
References
Vulnerable Configurations
  • cpe:2.3:a:microsoft:internet_explorer:6.0:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:internet_explorer:6.0:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:internet_explorer:7.0:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:internet_explorer:7.0:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:ie:8.0b:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:ie:8.0b:*:*:*:*:*:*:*
CVSS
Base: 9.3 (as of 23-07-2021 - 15:05)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:N/AC:M/Au:N/C:C/I:C/A:C
refmap via4
bid 29217
exploit-db 5619
misc http://aviv.raffon.net/2008/05/14/InternetExplorerQuotPrintTableOfLinksquotCrossZoneScriptingVulnerability.aspx
secunia 30141
vupen ADV-2008-1529
xf ie-printtableoflinks-code-execution(42416)
Last major update 23-07-2021 - 15:05
Published 18-05-2008 - 14:20
Last modified 23-07-2021 - 15:05
Back to Top