CVE-2010-5071Microsoft Internet Explorer vulnerability

CWE-2643 documents3 sources
Severity
5.0MEDIUMNVD
EPSS
10.4%
top 6.79%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Microsoft Internet ExplorerMicrosoft IE
Timeline
PublishedDec 7
Latest updateMay 13

Description

The JavaScript implementation in Microsoft Internet Explorer 8.0 and earlier does not properly restrict the set of values contained in the object returned by the getComputedStyle method, which allows remote attackers to obtain sensitive information about visited web pages by calling this method.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages2 packages

NVDmicrosoft/ie7.0.6000.16711, 8.0.7600.16385, 8.0b+2

🔴Vulnerability Details

2
GHSA
GHSA-3mpv-xg32-wjg6: The JavaScript implementation in Microsoft Internet Explorer 82022-05-13
CVEList
CVE-2010-5071: The JavaScript implementation in Microsoft Internet Explorer 82011-12-07
CVE-2010-5071 — Microsoft vulnerability | cvebase