CVE-2015-0070Sensitive Information Exposure in Microsoft Internet Explorer

CWE-200Sensitive Information Exposure14 documents4 sources
Severity
4.3MEDIUMNVD
EPSS
22.3%
top 4.17%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Microsoft Internet Explorer
Timeline
PublishedFeb 11
Latest updateMay 14

Description

Microsoft Internet Explorer 6 through 11 allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site, aka "Internet Explorer Cross-domain Information Disclosure Vulnerability."

CVSS vector

AV:N/AC:M/C:P/I:N/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages1 packages

NVDmicrosoft/internet_explorer6 versions+5

🔴Vulnerability Details

1
GHSA
GHSA-mc32-gp86-2hfh: Microsoft Internet Explorer 6 through 11 allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site, aka "2022-05-14

🕵️Threat Intelligence

1
Zscaler
Zscaler detects IE & MS Office Vulnerabilities | 02-10-2015

💬Community

11
Bugzilla
CVE-2015-7973 ntp: replay attack on authenticated broadcast mode2016-01-20
Bugzilla
CVE-2015-7538 jenkins: CSRF protection ineffective (SECURITY-233)2015-12-15
Bugzilla
CVE-2015-7537 jenkins: CSRF vulnerability in some administrative actions (SECURITY-225)2015-12-15
Bugzilla
CVE-2015-5323 jenkins: API tokens of other users available to admins (SECURITY-200)2015-11-16
Bugzilla
CVE-2015-5326 jenkins: Stored XSS vulnerability in slave offline status message (SECURITY-214)2015-11-16
CVE-2015-0070 — Sensitive Information Exposure | cvebase