CVE-2008-2949

Microsoft Internet Explorer 6-7 - XSS

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-2949. PoCs published by Eduardo Vela.

AI-analyzed exploit summary This exploit leverages a cross-domain scripting vulnerability in Microsoft Internet Explorer by manipulating the location of a frame from a different domain, bypassing the same-origin policy. It uses JavaScript to change the frame's location and execute arbitrary code via DOM components.

Description

Cross-domain vulnerability in Microsoft Internet Explorer 6 and 7 allows remote attackers to change the location property of a frame via the String data type, and use a frame from a different domain to observe domain-independent events, as demonstrated by observing onkeydown events with caballero-listener. NOTE: according to Microsoft, this is a duplicate of CVE-2008-2947, possibly a different attack vector.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Eduardo Vela · textremotewindows

https://www.exploit-db.com/exploits/31996

View Code ZIP pw:eip

This exploit leverages a cross-domain scripting vulnerability in Microsoft Internet Explorer by manipulating the location of a frame from a different domain, bypassing the same-origin policy. It uses JavaScript to change the frame's location and execute arbitrary code via DOM components.

Classification

Working Poc 90%

Attack Type

Xss

Complexity

Trivial

Reliability

Reliable

Target: Microsoft Internet Explorer 6, 7, and 8 Beta 1

No auth needed

Prerequisites: Victim must visit a malicious webpage or have malicious JavaScript executed in their browser

MITRE ATT&CK

T1059.007 - JavaScript

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5

Core References

Third Party Advisory vdb-entry x_refsource_vupen

http://www.vupen.com/english/advisories/2008/1941/references

US Government Resource third-party-advisory x_refsource_cert-vn

http://www.kb.cert.org/vuls/id/516627

Vendor Advisory x_refsource_misc

http://technet.microsoft.com/en-us/security/cc405107.aspx#EHD

Various Sources x_refsource_misc

http://sirdarckcat.blogspot.com/2008/05/browsers-ghost-busters.html

Various Sources x_refsource_misc

http://blogs.zdnet.com/security/?p=1348

Scores

EPSS 0.4035

EPSS Percentile 97.4%

Details

Status published

Products (2)

microsoft/internet_explorer 6

microsoft/internet_explorer 7

Published Jun 30, 2008

Tracked Since Feb 18, 2026