Search...

Microsoft IE Document Variable Overwrite Same Origin Policy Bypass

2007-07-28T19:23:04

ID OSVDB:38953
Type osvdb
Reporter OSVDB
Modified 2007-07-28T19:23:04

Description

No description provided by the source

References:

Other Advisory URL: http://www.0x000000.com/?i=371 CVE-2007-3481 Bugtraq ID: 24704

JSON Vulners Source

Initial Source

{"bulletinFamily": "software", "viewCount": 0, "reporter": "OSVDB", "references": [], "description": "# No description provided by the source\n\n## References:\nOther Advisory URL: http://www.0x000000.com/?i=371\n[CVE-2007-3481](https://vulners.com/cve/CVE-2007-3481)\nBugtraq ID: 24704\n", "affectedSoftware": [], "href": "https://vulners.com/osvdb/OSVDB:38953", "modified": "2007-07-28T19:23:04", "enchantments": {"score": {"value": 5.9, "vector": "NONE", "modified": "2017-04-28T13:20:34", "rev": 2}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2007-3481"]}], "modified": "2017-04-28T13:20:34", "rev": 2}, "vulnersScore": 5.9}, "id": "OSVDB:38953", "title": "Microsoft IE Document Variable Overwrite Same Origin Policy Bypass", "edition": 1, "published": "2007-07-28T19:23:04", "type": "osvdb", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "cvelist": ["CVE-2007-3481"], "lastseen": "2017-04-28T13:20:34"}

{"cve": [{"lastseen": "2021-02-02T05:31:24", "description": "** DISPUTED ** Cross-domain vulnerability in Microsoft Internet Explorer 6 and 7 allows remote attackers to bypass the Same Origin Policy and access restricted information from other domains via JavaScript that overwrites the document variable and statically sets the document.domain attribute. NOTE: this issue has been disputed by other researchers, citing a variable scoping issue and information about the semantics of document.domain.", "edition": 4, "cvss3": {}, "published": "2007-06-28T18:30:00", "title": "CVE-2007-3481", "type": "cve", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-3481"], "modified": "2008-11-15T06:52:00", "cpe": ["cpe:/a:microsoft:ie:6", "cpe:/a:microsoft:ie:7"], "id": "CVE-2007-3481", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-3481", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:microsoft:ie:6:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:ie:7:*:*:*:*:*:*:*"]}]}