CVE-2007-3406 in Internet Explorerinfo

Summary

Multiple absolute path traversal vulnerabilities in Microsoft Internet Explorer 6 on Windows XP SP2 allow remote attackers to access arbitrary local files via the file: URI in the (1) src attribute of a (a) bgsound, (b) input, (c) EMBED, (d) img, or (e) script tag; (2) data attribute of an object tag; (3) value attribute of a param tag; (4) background attribute of a body tag; or (5) the background:url attribute declared in the BODY parameter of a STYLE tag.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Reservation

06/26/2007

Disclosure

06/26/2007

Moderation

VulDB entry created

Entries

1: VDB-37470

CPE

ready

CWE

CWE-22 (Confirmed)

CVSS

4.3

EPSS

0.29708

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2007-3406
NVD	https://nvd.nist.gov/vuln/detail/CVE-2007-3406
CVE Details	https://www.cvedetails.com/cve/CVE-2007-3406/

◂ Previous Overview Next ▸

Interested in the pricing of exploits?

See the underground prices here!