CVE-2011-3404 in Microsoft Internet Explorerinfo

Summary

Microsoft Internet Explorer 6 through 9 does not properly use the Content-Disposition HTTP header to control rendering of the HTTP response body, which allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site, aka "Content-Disposition Information Disclosure Vulnerability."

Reservation

09/09/2011

Disclosure

12/13/2011

Entries

VulDB provides additional information and datapoints for this CVE:

IDVulnerabilityCWEExpCouCVE
4465Microsoft Internet Explorer information disclosure200UnprovenOfficial fixCVE-2011-3404

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

PreviousOverviewNext

Do you want to use VulDB in your project?

Use the official API to access entries easily!