Cross-Zone Scripting Vulnerability in Internet Explorer by Microsoft
CVE-2008-2281

Currently unrated

Key Information:

Vendor: Microsoft
Status: Ie; Internet Explorer
Vendor: CVE Published:; 18 May 2008

Summary

A vulnerability exists in the Print Table of Links feature in Internet Explorer versions 6.0, 7.0, and 8.0b, allowing user-assisted attackers to inject arbitrary web scripts or HTML into the Local Machine Zone through crafted HTML documents. When users print these documents, malicious JavaScript sequences can be evaluated, potentially compromising user security and privacy.

References

https://www.exploit-db.com/exploits/5619

exploitx_refsource_EXPLOIT-DB

https://exchange.xforce.ibmcloud.com/vulnerabilities/42416

vdb-entryx_refsource_XF

http://www.vupen.com/english/advisories/2008/1529/references

vdb-entryx_refsource_VUPEN

EPSS Score

50% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
May 18, 2008
Vulnerability Reserved
May 18, 2008