First published: Sun May 18 2008(Updated: )
Cross-zone scripting vulnerability in the Print Table of Links feature in Internet Explorer 6.0, 7.0, and 8.0b allows user-assisted remote attackers to inject arbitrary web script or HTML in the Local Machine Zone via an HTML document with a link containing JavaScript sequences, which are evaluated by a resource script when a user prints this document.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Microsoft Internet Explorer | =8.0b | |
Internet Explorer | =6.0 | |
Internet Explorer | =7.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2008-2281 is rated as a medium severity vulnerability due to the potential for user-assisted exploitation.
To fix CVE-2008-2281, it is recommended to update Microsoft Internet Explorer to the latest available version.
CVE-2008-2281 affects Internet Explorer versions 6.0, 7.0, and 8.0b.
Exploiting CVE-2008-2281 could allow attackers to inject arbitrary web scripts or HTML in the Local Machine Zone.
Users of affected versions of Internet Explorer who engage with malicious links are primarily at risk from CVE-2008-2281.