Same Origin Policy Violation Timing Vulnerability in Microsoft Internet Explorer 6-9
CVE-2011-4689 · MEDIUM Severity
AV:N/AC:L/AU:N/C:P/I:N/A:N
Microsoft Internet Explorer 6 through 9 does not prevent capture of data about the times of Same Origin Policy violations during IFRAME loading attempts, which makes it easier for remote attackers to determine whether a document exists in the browser cache via crafted JavaScript code.
Learn more about our Web Application Penetration Testing UK.