CVE-2008-5552

Name of the Vulnerable Software and Affected Versions Microsoft Internet Explorer version 8.0 Beta 2

Description The issue allows remote attackers to bypass the XSS protection mechanism and conduct XSS attacks via a CRLF sequence in conjunction with a crafted Content-Type header, such as a header with a utf-7 charset value.

Recommendations For Microsoft Internet Explorer version 8.0 Beta 2, consider disabling the XSS Filter as a temporary workaround until a patch is available. Restrict access to crafted Content-Type headers to minimize the risk of exploitation. Avoid using the utf-7 charset value in the Content-Type header until the issue is resolved.