PT-2010-4023 · Microsoft · Internet Explorer

Michal Zalewski

·

Published

2010-06-24

·

Updated

2021-07-23

·

CVE-2010-2442

CVSS v2.0

4.3

Medium

VectorAV:N/AC:M/Au:N/C:P/I:N/A:N
Name of the Vulnerable Software and Affected Versions Microsoft Internet Explorer version 8
Description The issue allows remote attackers to read keystrokes via "cross-domain IFRAME gadgets" due to improper restriction of focus changes.
Recommendations For Microsoft Internet Explorer version 8, consider restricting the use of IFRAME elements to minimize the risk of exploitation.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-264

Related Identifiers

CVE-2010-2442

Affected Products

Internet Explorer