Microsoft Internet Explorer 'Print Table of Links' Cross Zone Script Injection Vulnerability

Microsoft Internet Explorer 'Print Table of Links' Cross Zone Script Injection Vulnerability

Microsoft Internet Explorer is prone to a script-injection vulnerability because it fails to adequately sanitize user-supplied input when printing a table of links.

Attackers can exploit this issue by enticing an unsuspecting user to initiate the printing procedure while viewing a specially crafted page. Successful exploits will cause malicious script code to run in the 'Local Machine Zone' of a victim's computer.

Internet Explorer 7.0 and 8.0b are vulnerable; other versions may also be affected.

Reports indicate that successful exploits on Windows Vista platforms running UAC can cause only information disclosure.