9.3

CVE-2007-3092

Exploit
Microsoft Internet Explorer 6 allows remote attackers to spoof the URL bar, and page properties including SSL certificates, by interrupting page loading through certain use of location DOM objects and setTimeout calls.  NOTE: this issue can be leveraged for phishing and other attacks.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
MicrosoftInternet Explorer Version6.0
MicrosoftInternet Explorer Version6.0 Updatesp1
MicrosoftInternet Explorer Version6.0 Updatesp2
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 19.98% 0.971
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 9.3 8.6 10
AV:N/AC:M/Au:N/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://archives.neohapsis.com/archives/fulldisclosure/2007-06/0026.html
Broken Link
http://securityreason.com/securityalert/2781
Third Party Advisory
Exploit
http://www.securityfocus.com/archive/1/470446/100/0/threaded
Third Party Advisory
VDB Entry
http://secunia.com/advisories/25564
Not Applicable
http://lcamtuf.coredump.cx/ietrap2/
Broken Link
http://osvdb.org/45437
Broken Link
http://securitytracker.com/id?1018193
Third Party Advisory
VDB Entry
http://www.securityfocus.com/bid/24298
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/34705
VDB Entry