PT-2015-3016 · Microsoft · Internet Explorer

Published: 2015-12-08 · Updated: 2018-10-12 · CVE-2015-6164

CVSS v2.0: 6.8 (Medium)
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions

Microsoft Internet Explorer versions 9 through 11

Description

The issue arises from improper implementation of a cross-site scripting (XSS) protection mechanism in Microsoft Internet Explorer, allowing remote attackers to bypass the Same Origin Policy via a crafted web site. This could enable an attacker to access information from one domain and inject it into another domain. The vulnerability itself does not allow arbitrary code execution but could be exploited in conjunction with another vulnerability to take advantage of elevated privileges.

Recommendations

For Microsoft Internet Explorer versions 9 through 11, as a temporary workaround, consider disabling the XSS filter until a patch is available. Restrict access to potentially vulnerable web sites to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

RCE


Weakness Enumeration

Related Identifiers

BDU:2016-00220
CVE-2015-6164

Affected Products

Internet Explorer