Thread-topic: [SA17564] Microsoft Internet Explorer CSS Import Disclosure of Sensitive Information
>
>
> TITLE:
> Microsoft Internet Explorer CSS Import Disclosure of Sensitive
> Information
>
> SECUNIA ADVISORY ID:
> SA17564
>
> VERIFY ADVISORY:
>
>
> CRITICAL:
> Less critical
>
> IMPACT:
> Cross Site Scripting, Exposure of sensitive information
>
> WHERE:
> From remote
>
> SOFTWARE:
> Microsoft Internet Explorer 6.x
>
>
> DESCRIPTION:
> Matan Gillon has discovered a vulnerability in Microsoft Internet
> Explorer, which can be exploited by malicious people to disclose
> potentially sensitive information.
>
> The vulnerability is caused due to an error where the content of
> imported CSS (Cascading Style Sheets) from other domains is not
> properly protected from being read via the "cssText" DHTML property.
>
> This can be exploited by a malicious web site to disclose parts of
> the content of certain documents served from another web site (e.g.
> HTML documents with a certain structure which can be parsed by the
> internal CSS parser), by loading the document via the "@import"
> directive and accessing the content of it via JavaScript.
>
> The vulnerability has been confirmed on a fully patched system with
> Internet Explorer 6.0 and Microsoft Windows XP SP2.
>
> SOLUTION:
> Disable Active Scripting except for trusted sites.
>
> PROVIDED AND/OR DISCOVERED BY:
> Matan Gillon
>
> ORIGINAL ADVISORY:
>
>
> ----------------------------------------------------------------------
