4.3

CVE-2007-4848

Exploit

EPSS 23.08%
Veröffentlicht 12.09.2007 20:17:00
Zuletzt bearbeitet 09.04.2025 00:30:58
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

Microsoft Internet Explorer 4.0 through 7 allows remote attackers to determine the existence of local files that have associated images via a res:// URI in the src property of a JavaScript Image object, as demonstrated by the URI for a bitmap image resource within a (1) .exe or (2) .dll file.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Microsoft ≫ Ie Version4.x

Microsoft ≫ Ie Version5.0 Updatesp1

Microsoft ≫ Ie Version5.0 Updatesp4

Microsoft ≫ Ie Version5.0_ta3

Microsoft ≫ Ie Version5.x

Microsoft ≫ Ie Version6.0 Updatesp1

Microsoft ≫ Ie Version6.0 Updatesp2

Microsoft ≫ Internet Explorer Version4.0

Microsoft ≫ Internet Explorer Version4.0.1

Microsoft ≫ Internet Explorer Version4.1

Microsoft ≫ Internet Explorer Version4.5

Microsoft ≫ Internet Explorer Version5

Microsoft ≫ Internet Explorer Version5.0

Microsoft ≫ Internet Explorer Version5.0.1

Microsoft ≫ Internet Explorer Version5.0.1 Updatesp1

Microsoft ≫ Internet Explorer Version5.0.1 Updatesp2

Microsoft ≫ Internet Explorer Version5.0.1 Updatesp3

Microsoft ≫ Internet Explorer Version5.0.1 Updatesp4

Microsoft ≫ Internet Explorer Version5.01

Microsoft ≫ Internet Explorer Version5.1

Microsoft ≫ Internet Explorer Version5.01 Updatesp1

Microsoft ≫ Internet Explorer Version5.01 Updatesp2

Microsoft ≫ Internet Explorer Version5.01 Updatesp3

Microsoft ≫ Internet Explorer Version5.01 Updatesp4

Microsoft ≫ Internet Explorer Version5.2.3

Microsoft ≫ Internet Explorer Version5.5

Microsoft ≫ Internet Explorer Version5.5 Updatepreview

Microsoft ≫ Internet Explorer Version5.5 Updatesp1

Microsoft ≫ Internet Explorer Version5.5 Updatesp2

Microsoft ≫ Internet Explorer Version6

Microsoft ≫ Internet Explorer Version6 Updatesp1

Microsoft ≫ Internet Explorer Version6.0

Microsoft ≫ Internet Explorer Version6.0.2600

Microsoft ≫ Internet Explorer Version6.0.2800

Microsoft ≫ Internet Explorer Version6.0.2800.1106

Microsoft ≫ Internet Explorer Version6.0.2900

Microsoft ≫ Internet Explorer Version6.0.2900.2180

Microsoft ≫ Internet Explorer Version7

Microsoft ≫ Internet Explorer Version7.0

Microsoft ≫ Internet Explorer Version7.0 Updatebeta

Microsoft ≫ Internet Explorer Version7.0 Updatebeta1

Microsoft ≫ Internet Explorer Version7.0 Updatebeta2

Microsoft ≫ Internet Explorer Version7.0 Updatebeta3

Microsoft ≫ Internet Explorer Version7.0.5730.11

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	23.08%	0.954

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	4.3	8.6	2.9	AV:N/AC:M/Au:N/C:P/I:N/A:N

http://osvdb.org/37638

http://xs-sniper.com/blog/2007/07/20/more-uri-stuff-ies-resouce-uri/

Exploit

https://nvd.nist.gov/vuln/detail/CVE-2007-4848

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2007-4848

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2007-4848

EUVD