Same Origin Policy Violation Timing Vulnerability in Microsoft Internet Explorer 6-9

Same Origin Policy Violation Timing Vulnerability in Microsoft Internet Explorer 6-9

CVE-2011-4689 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

Microsoft Internet Explorer 6 through 9 does not prevent capture of data about the times of Same Origin Policy violations during IFRAME loading attempts, which makes it easier for remote attackers to determine whether a document exists in the browser cache via crafted JavaScript code.

Learn more about our Web Application Penetration Testing UK.