CVE-2010-0808

Name of the Vulnerable Software and Affected Versions Microsoft Internet Explorer versions 6 through 7

Description The issue allows remote attackers to obtain sensitive form information via a crafted web site by simulating user interaction with the AutoComplete feature. An attacker could exploit this by constructing a specially crafted Web page, potentially capturing information previously entered into fields after the AutoComplete feature has been enabled.

Recommendations For Microsoft Internet Explorer versions 6 through 7, consider disabling the AutoComplete feature as a temporary workaround until a patch is available. Restrict access to sensitive form information to minimize the risk of exploitation.