[Forgot Password]
Login  Register Subscribe

23631

 
 

126173

 
 

98218

 
 

909

 
 

79224

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2007-3481

Date: (C)2007-06-28   (M)2015-12-16 


** DISPUTED ** Cross-domain vulnerability in Microsoft Internet Explorer 6 and 7 allows remote attackers to bypass the Same Origin Policy and access restricted information from other domains via JavaScript that overwrites the document variable and statically sets the document.domain attribute. NOTE: this issue has been disputed by other researchers, citing a variable scoping issue and information about the semantics of document.domain.

CVSS Score: 5.0Access Vector: NETWORK
Exploit Score: 10.0Access Complexity: LOW
Impact Score: 2.9Authentication: NONE
 Confidentiality: PARTIAL
 Integrity: NONE
 Availability: NONE





Reference:
BID-24704
OSVDB-38953
http://www.0x000000.com/?i=371

CPE    2
cpe:/a:microsoft:ie:6
cpe:/a:microsoft:ie:7
CWE    1
CWE-119

© 2013 SecPod Technologies