[email protected]CVE-2007-3826

HistoryJul 17, 2007 - 9:30 p.m.

CVE-2007-3826

2007-07-1721:30:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2007-3826

microsoft

internet explorer 7

windows xp

sp2

remote attackers

phishing

security vulnerability

6.4 Medium

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.944 High

EPSS

Percentile

99.2%

JSON

Microsoft Internet Explorer 7 on Windows XP SP2 allows remote attackers to prevent users from leaving a site, spoof the address bar, and conduct phishing and other attacks via repeated document.open function calls after a user requests a new page, but before the onBeforeUnload function is called.

CPENameOperatorVersion
microsoft:internet_explorermicrosoft internet explorereq7

CPE	Name	Operator	Version
microsoft:internet_explorer	microsoft internet explorer	eq	7

References

lcamtuf.coredump.cx/ietrap3/

osvdb.org/38212

secunia.com/advisories/26069

securityreason.com/securityalert/2892

securitytracker.com/id?1018788

www.securityfocus.com/archive/1/473702/100/0/threaded

www.securityfocus.com/archive/1/482366/100/0/threaded

www.securityfocus.com/bid/24911

www.us-cert.gov/cas/techalerts/TA07-282A.html

www.vupen.com/english/advisories/2007/2540

docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-057

exchange.xforce.ibmcloud.com/vulnerabilities/35421

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2324

6.4 Medium

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.944 High

EPSS

Percentile

99.2%

JSON

Related for CVE-2007-3826

prion2 checkpoint_advisories1 openvas2 cve1 securityvulns3 nessus1