Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6 matches found

Check Point Advisories
Check Point Advisoriesadded 2009/12/10 12:0 a.m.6 views

Internet Explorer Object Reference Counting Memory Corruption (MS07-069; CVE-2007-3902)

Microsoft Internet Explorer IE is a web browser application that is capable of rendering both static and dynamic web content. The application is primarily used for tasks related to web browsing, such as displaying HTML encoded pages, downloading files, etc. A memory corruption vulnerability exist...

9.3CVSS7.7AI score0.35508EPSS
Exploits1
seebug.org
seebug.orgadded 2007/12/13 12:0 a.m.42 views

Microsoft Internet Explorer setExpression远程代码漏洞

CVE ID:CVE-2007-3902 CNCVE ID:CNCVE-20073902 Microsoft Internet Explorer是一款流行的WEB浏览器。 Microsoft Internet Explorer处理CRecalcProperty函数存在内存破坏问题,远程攻击者可以利用漏洞以应用程序进程权限执行任意指令。 问题存在于mshtml.dll的CRecalcProperty函数中,当在调用setExpressio方法后渲染HTML,之后跟随编程化建立元素的outerHTML属性的修改,有问题代码会引用之前释放的内存地址而导致代码执行。 Microsoft...

9.3CVSS6.4AI score0.35508EPSS
Exploits1
securityvulns
securityvulnsadded 2007/12/13 12:0 a.m.146 views

iDefense Security Advisory 12.11.07: Microsoft Internet Explorer JavaScript setExpression Heap Corruption Vulnerability

iDefense Security Advisory 12.11.07 http://labs.idefense.com/intelligence/vulnerabilities/ Dec 11, 2007 I. BACKGROUND Internet Explorer is a graphical web browser developed by Microsoft Corp. and included as part of Microsoft Windows since 1995. The setExpression method is commonly used to assign...

9.3CVSS6.3AI score0.35508EPSS
Exploits1
NVD
NVDadded 2007/12/12 12:46 a.m.34 views

CVE-2007-3902

Use-after-free vulnerability in the CRecalcProperty function in mshtml.dll in Microsoft Internet Explorer 5.01 through 7 allows remote attackers to execute arbitrary code by calling the setExpression method and then modifying the outerHTML property of an HTML element, one variant of "Uninitialize...

9.3CVSS7.2AI score0.35508EPSS
Exploits1References12
CVE
CVEadded 2007/12/12 12:0 a.m.85 views

CVE-2007-3902

CVE-2007-3902 is a use-after-free/ memory corruption vulnerability in Microsoft Internet Explorer 5.01–7, caused by the CRecalcProperty function in mshtml.dll. Attackers could trigger arbitrary code execution by calling the setExpression method and then modifying an element’s outerHTML, leading t...

9.3CVSS7.1AI score0.35508EPSS
Exploits1References12Affected Software2
Tenable Nessus
Tenable Nessusadded 2007/12/11 12:0 a.m.59 views

MS07-069: Cumulative Security Update for Internet Explorer (942615)

The remote host is missing the IE cumulative security update 942615. The remote version of IE is vulnerable to several flaws that could allow an attacker to execute arbitrary code on the remote host. Tenable Network Security, Inc. include"compat.inc"; if description scriptid29313;...

9.3CVSS6.2AI score0.38031EPSS
Exploits7References11
Rows per page
Query Builder