CVE-2011-2382

Published: Jun 3, 2011Modified: Apr 29, 2026

4.3

Vector

AV:N/AC:M/Au:N/C:P/I:N/A:N

Exploitability: 8.6 / Impact: 2.9

Source: NVD

Description

Microsoft Internet Explorer 8 and earlier, and Internet Explorer 9 beta, does not properly restrict cross-zone drag-and-drop actions, which allows user-assisted remote attackers to read cookie files via vectors involving an IFRAME element with a SRC attribute containing a file: URL, as demonstrated by a Facebook game, related to a "cookiejacking" issue.

Affected (97)

Products: Microsoft: Ie, Internet Explorer

Microsoft

2 products

Internet Explorer

Configuration A

97 vulnerable

Vulnerable Software	Affected Versions
Microsoft Ie	Version 9 beta
Microsoft Internet Explorer	Up to 8
Microsoft Internet Explorer	Version 3.0.1
Microsoft Internet Explorer	Version 3.0.2
Microsoft Internet Explorer	Version 3.0
Microsoft Internet Explorer	Version 3.1
Microsoft Internet Explorer	Version 3.2
Microsoft Internet Explorer	Version 4.0.1
Microsoft Internet Explorer	Version 4.0.1 sp1
Microsoft Internet Explorer	Version 4.0.1 sp2
Microsoft Internet Explorer	Version 4.01
Microsoft Internet Explorer	Version 4.01 sp1
Microsoft Internet Explorer	Version 4.0
Microsoft Internet Explorer	Version 4.1
Microsoft Internet Explorer	Version 4.40.308
Microsoft Internet Explorer	Version 4.40.520
Microsoft Internet Explorer	Version 4.5
Microsoft Internet Explorer	Version 4.70.1155
Microsoft Internet Explorer	Version 4.70.1158
Microsoft Internet Explorer	Version 4.70.1215
Microsoft Internet Explorer	Version 4.70.1300
Microsoft Internet Explorer	Version 4.71.1008.3
Microsoft Internet Explorer	Version 4.71.1712.6
Microsoft Internet Explorer	Version 4.71.544
Microsoft Internet Explorer	Version 4.72.2106.8
Microsoft Internet Explorer	Version 4.72.3110.8
Microsoft Internet Explorer	Version 4.72.3612.1713
Microsoft Internet Explorer	Version 5.0.1
Microsoft Internet Explorer	Version 5.0.1 sp1
Microsoft Internet Explorer	Version 5.0.1 sp2
Microsoft Internet Explorer	Version 5.0.1 sp3
Microsoft Internet Explorer	Version 5.0.1 sp4
Microsoft Internet Explorer	Version 5.00.0518.10
Microsoft Internet Explorer	Version 5.00.0910.1309
Microsoft Internet Explorer	Version 5.00.2014.0216
Microsoft Internet Explorer	Version 5.00.2314.1003
Microsoft Internet Explorer	Version 5.00.2516.1900
Microsoft Internet Explorer	Version 5.00.2614.3500
Microsoft Internet Explorer	Version 5.00.2919.3800
Microsoft Internet Explorer	Version 5.00.2919.6307
Microsoft Internet Explorer	Version 5.00.2919.800
Microsoft Internet Explorer	Version 5.00.2920.0000
Microsoft Internet Explorer	Version 5.00.3103.1000
Microsoft Internet Explorer	Version 5.00.3105.0106
Microsoft Internet Explorer	Version 5.00.3314.2101
Microsoft Internet Explorer	Version 5.00.3315.1000
Microsoft Internet Explorer	Version 5.00.3502.1000
Microsoft Internet Explorer	Version 5.00.3700.1000
Microsoft Internet Explorer	Version 5.01
Microsoft Internet Explorer	Version 5.01 sp1
Microsoft Internet Explorer	Version 5.01 sp2
Microsoft Internet Explorer	Version 5.01 sp3
Microsoft Internet Explorer	Version 5.01 sp4
Microsoft Internet Explorer	Version 5.0
Microsoft Internet Explorer	Version 5.1
Microsoft Internet Explorer	Version 5.2.3
Microsoft Internet Explorer	Version 5.50.3825.1300
Microsoft Internet Explorer	Version 5.50.4030.2400
Microsoft Internet Explorer	Version 5.50.4134.0100
Microsoft Internet Explorer	Version 5.50.4134.0600
Microsoft Internet Explorer	Version 5.50.4308.2900
Microsoft Internet Explorer	Version 5.50.4522.1800
Microsoft Internet Explorer	Version 5.50.4807.2300
Microsoft Internet Explorer	Version 5.5
Microsoft Internet Explorer	Version 5.5 preview
Microsoft Internet Explorer	Version 5.5 sp1
Microsoft Internet Explorer	Version 5.5 sp2
Microsoft Internet Explorer	Version 5
Microsoft Internet Explorer	Version 6.0.2600
Microsoft Internet Explorer	Version 6.0.2800.1106
Microsoft Internet Explorer	Version 6.0.2800
Microsoft Internet Explorer	Version 6.0.2900.2180
Microsoft Internet Explorer	Version 6.0.2900
Microsoft Internet Explorer	Version 6.00.2462.0000
Microsoft Internet Explorer	Version 6.00.2479.0006
Microsoft Internet Explorer	Version 6.00.2600.0000
Microsoft Internet Explorer	Version 6.00.2800.1106
Microsoft Internet Explorer	Version 6.00.2900.2180
Microsoft Internet Explorer	Version 6.00.3663.0000
Microsoft Internet Explorer	Version 6.00.3718.0000
Microsoft Internet Explorer	Version 6.00.3790.0000
Microsoft Internet Explorer	Version 6.00.3790.1830
Microsoft Internet Explorer	Version 6.00.3790.3959
Microsoft Internet Explorer	Version 6.0
Microsoft Internet Explorer	Version 6
Microsoft Internet Explorer	Version 6 sp1
Microsoft Internet Explorer	Version 7.0.5730.11
Microsoft Internet Explorer	Version 7.0.5730 unknown
Microsoft Internet Explorer	Version 7.00.5730.1100
Microsoft Internet Explorer	Version 7.00.6000.16386
Microsoft Internet Explorer	Version 7.00.6000.16441
Microsoft Internet Explorer	Version 7.0
Microsoft Internet Explorer	Version 7.0 beta1
Microsoft Internet Explorer	Version 7.0 beta2
Microsoft Internet Explorer	Version 7.0 beta3
Microsoft Internet Explorer	Version 7.0 beta
Microsoft Internet Explorer	Version 7