CVE-2009-4073
The printing functionality in Microsoft Internet Explorer 8 allows remote attackers to discover a local pathname, and possibly a local username, by reading the dc:title element of a PDF document that was generated from a local web page.
| Software | From | Fixed in |
|---|---|---|
| microsoft / internet_explorer | 8 | 8.x |
| microsoft / internet_explorer | 5 | 5.x |
| microsoft / internet_explorer | 7 | 7.x |
| microsoft / internet_explorer | 6 | 6.x |
- http://osvdb.org/60504
- http://secunia.com/advisories/37362
- http://securethoughts.com/2009/11/millions-of-pdf-invisibly-embedded-with-your-internal-disk-paths/
- http://www.securityfocus.com/archive/1/508010/100/0/threaded
- http://www.theregister.co.uk/2009/11/23/internet_explorer_file_disclosure_bug/
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12355
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime