CVE-2008-2281

{"id": "CVE-2008-2281", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 9.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": true, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2008-05-18T14:20:00.000", "references": [{"url": "http://aviv.raffon.net/2008/05/14/InternetExplorerQuotPrintTableOfLinksquotCrossZoneScriptingVulnerability.aspx", "tags": ["Exploit"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/30141", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/29217", "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2008/1529/references", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42416", "source": "cve@mitre.org"}, {"url": "https://www.exploit-db.com/exploits/5619", "source": "cve@mitre.org"}, {"url": "http://aviv.raffon.net/2008/05/14/InternetExplorerQuotPrintTableOfLinksquotCrossZoneScriptingVulnerability.aspx", "tags": ["Exploit"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/30141", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/29217", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.vupen.com/english/advisories/2008/1529/references", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42416", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.exploit-db.com/exploits/5619", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Cross-zone scripting vulnerability in the Print Table of Links feature in Internet Explorer 6.0, 7.0, and 8.0b allows user-assisted remote attackers to inject arbitrary web script or HTML in the Local Machine Zone via an HTML document with a link containing JavaScript sequences, which are evaluated by a resource script when a user prints this document."}, {"lang": "es", "value": "Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en la caracter\u00edstica Print Table of Links de Internet Explorer 6.0, 7.0 y 8.0b permite a atacantes remotos asistidos por el usuario inyectar secuencias de comandos web o HTML en la Zona de M\u00e1quina Local mediante un documento HTML con un enlace que contiene secuencias JavaScript, que se eval\u00faan por un script de recurso cuando un usuario imprime el documento."}], "lastModified": "2024-11-21T00:46:30.470", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:microsoft:ie:8.0b:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "587DAAD1-F33D-41EB-B752-36B9D87FC19B"}, {"criteria": "cpe:2.3:a:microsoft:internet_explorer:6.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A19F6133-25D1-44A5-B6B9-354703436783"}, {"criteria": "cpe:2.3:a:microsoft:internet_explorer:7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6BC71FD8-D385-4507-BD14-B75FDD4C79E6"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}