Description
Microsoft Internet Explorer 6, 7, and 8 does not properly determine the origin of script code, which allows remote attackers to execute script in an unintended domain or security zone, and obtain sensitive information, via unspecified vectors, aka "Event Handler Cross-Domain Vulnerability."
References (3)
Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry
signature
x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11954
US Government Resource third-party-advisory
x_refsource_cert
http://www.us-cert.gov/cas/techalerts/TA10-222A.html
Vendor Advisory vendor-advisory
x_refsource_ms
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-053
Scores
EPSS
0.1699
EPSS Percentile
96.7%
Details
CWE
CWE-200
Status
published
Products (3)
microsoft/internet_explorer
6
microsoft/internet_explorer
7
microsoft/internet_explorer
8
Published
Aug 11, 2010
Tracked Since
Feb 18, 2026