6.8

CVE-2007-1091

Microsoft Internet Explorer 7 allows remote attackers to prevent users from leaving a site, spoof the address bar, and conduct phishing and other attacks via onUnload Javascript handlers.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
MicrosoftIe Version6.0 Updatesp1
MicrosoftIe Version6.0 Updatesp2
MicrosoftIe Version7.0 Editionvista
MicrosoftInternet Explorer Version6.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 24.8% 0.976
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 6.8 8.6 6.4
AV:N/AC:M/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://lcamtuf.coredump.cx/ietrap
http://lists.grok.org.uk/pipermail/full-disclosure/2007-February/052630.html
http://secunia.com/advisories/23014
Patch
http://securityreason.com/securityalert/2291
http://securitytracker.com/id?1018788
http://www.securityfocus.com/archive/1/461023/100/0/threaded
http://www.securityfocus.com/archive/1/461027/100/0/threaded
http://www.securityfocus.com/archive/1/482366/100/0/threaded
http://www.securityfocus.com/bid/22680
http://www.us-cert.gov/cas/techalerts/TA07-282A.html
US Government Resource
http://www.vupen.com/english/advisories/2007/0713
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-057
https://exchange.xforce.ibmcloud.com/vulnerabilities/32647
https://exchange.xforce.ibmcloud.com/vulnerabilities/32649
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2162