CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2011-4689

Microsoft Internet Explorer 6 through 9 does not prevent capture of data about the times of Same Origin Policy violations during IFRAME loading attempts, which makes it easier for remote attackers to determine whether a document exists in the browser cache via crafted JavaScript code.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.16

EPSS Ranking 94.5%

CVSS Severity

CVSS v2 Score 5.0

References

http://lcamtuf.coredump.cx/cachetime/
http://secunia.com/advisories/47129
http://lcamtuf.coredump.cx/cachetime/
http://secunia.com/advisories/47129

Products affected by CVE-2011-4689

Microsoft » Internet Explorer » Version: 6

cpe:2.3:a:microsoft:internet_explorer:6
Microsoft » Internet Explorer » Version: 7

cpe:2.3:a:microsoft:internet_explorer:7
Microsoft » Internet Explorer » Version: 8

cpe:2.3:a:microsoft:internet_explorer:8
Microsoft » Internet Explorer » Version: 9

cpe:2.3:a:microsoft:internet_explorer:9

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2011-4689

Products

Pricing

Contact Us