CVE-2007-3903 - Computer security: vulnerabilities and exploits database

[EN] securityvulns.ru
no-pyccku

CVE CVE-2007-3903
Status UNKNOWN
Description Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code via uninitialized or deleted objects used in repeated calls to the (1) cloneNode or (2) nodeValue JavaScript function, a different issue than CVE-2007-3902 and CVE-2007-5344, a variant of "Uninitialized Memory Corruption Vulnerability."
Severity Medium
CVSS score 6,8
CVSS vector (AV:N/AC:M/Au:N/C:P/I:P/A:P)
Phase ASSIGNED (03.10.2011)
NVD: http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-3903
References BID : 26816
BUGTRAQ : 20071211 ZDI-07-074: Microsoft Internet Explorer Node Manipulation Memory Corruption
CERT : TA07-345A
HP : SSRT071506
HP : SSRT071506
MISC : http://www.zerodayinitiative.com/advisories/ZDI-07...
MS : MS07-069
OVAL : oval:org.mitre.oval:def:4553
SECTRACK : 1019078
SECUNIA : 28036
VUPEN : ADV-2007-4184
XF : ie-clonenode-nodevalue-code-execution(38714)
SecurityVulns: Microsoft Internet Explorer multiple security vulnerabilities

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

test server