Microsoft Internet Explorer 9 through 11 allows remote attackers to read the browser history via a crafted web site.