ID de Prueba:	1.3.6.1.4.1.25623.1.0.902246
Categoría:	Windows
Título:	Microsoft Internet Explorer 'toStaticHTML()' XSS Vulnerability
Resumen:	Internet Explorer is prone to a cross-site scripting (XSS); vulnerability.;; This VT has been deprecated and replaced by the VT with the OID: 1.3.6.1.4.1.25623.1.0.901162.
Descripción:	Summary: Internet Explorer is prone to a cross-site scripting (XSS) vulnerability. This VT has been deprecated and replaced by the VT with the OID: 1.3.6.1.4.1.25623.1.0.901162. Vulnerability Insight: The flaw is due to error in the 'toStaticHTML()' which is not properly handling the 'Cascading Style Sheets (CSS)'. Vulnerability Impact: Successful exploitation will allow remote attackers to bypass the cross-site scripting (XSS) protection mechanism and conduct XSS attacks. Affected Software/OS: Microsoft Internet Explorer version 8.x to 8.0.6001.18702. Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2010-3324 Cert/CC Advisory: TA10-285A http://www.us-cert.gov/cas/techalerts/TA10-285A.html http://archives.neohapsis.com/archives/fulldisclosure/2010-08/0179.html http://www.wooyun.org/bug.php?action=view&id=189 Microsoft Security Bulletin: MS10-071 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-071 Microsoft Security Bulletin: MS10-072 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-072 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7297
Copyright	Copyright (C) 2010 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.