Microsoft Internet Explorer 'window.onerror' Cross Domain Information Disclosure Vulnerability

Microsoft Internet Explorer 'window.onerror' Cross Domain Information Disclosure Vulnerability

Microsoft Internet Explorer is prone to a cross-domain information-disclosure vulnerability because the application fails to properly enforce the same-origin policy.

An attacker can exploit this issue to bypass the same-origin policy and to obtain sensitive information from a website running in another domain or security zone. This may aid in further attacks.

This issue affects Internet Explorer 8; other versions may also be affected.