Security Advisory

CVE-2005-4089

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2005-12-08 11:00:00

Last updated 2024-08-07 23:31:49

Assigner mitre

State PUBLISHED

Description

Microsoft Internet Explorer allows remote attackers to bypass cross-domain security restrictions and obtain sensitive information by using the @import directive to download files from other domains that are not valid Cascading Style Sheets (CSS) files, as demonstrated using Google Desktop, aka "CSSXSS" and "CSS Cross-Domain Information Disclosure Vulnerability."

← Browse all CVEs View on cve.org ↗