CVE-2007-3902

Use-after-free vulnerability in the CRecalcProperty function in mshtml.dll in Microsoft Internet Explorer 5.01 through 7 allows remote attackers to execute arbitrary code by calling the setExpression method and then modifying the outerHTML property of an HTML element, one variant of "Uninitialized Memory Corruption Vulnerability."

CVSS v2.0 9.3 HIGH

9.3^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:M/Au:N/C:C/I:C/A:C

Exploitability : 8.6 / Impact : 10.0

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=631
http://secunia.com/advisories/28036	Vendor Advisory
http://securitytracker.com/id?1019078
http://www.securityfocus.com/archive/1/484887/100/0/threaded
http://www.securityfocus.com/archive/1/485268/100/0/threaded
http://www.securityfocus.com/archive/1/485268/100/0/threaded
http://www.securityfocus.com/bid/26506
http://www.us-cert.gov/cas/techalerts/TA07-345A.html	US Government Resource
http://www.vupen.com/english/advisories/2007/4184	Vendor Advisory
http://www.zerodayinitiative.com/advisories/ZDI-07-073.html
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-069
https://exchange.xforce.ibmcloud.com/vulnerabilities/38713
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4582
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=631
http://secunia.com/advisories/28036	Vendor Advisory
http://securitytracker.com/id?1019078
http://www.securityfocus.com/archive/1/484887/100/0/threaded
http://www.securityfocus.com/archive/1/485268/100/0/threaded
http://www.securityfocus.com/archive/1/485268/100/0/threaded
http://www.securityfocus.com/bid/26506
http://www.us-cert.gov/cas/techalerts/TA07-345A.html	US Government Resource
http://www.vupen.com/english/advisories/2007/4184	Vendor Advisory
http://www.zerodayinitiative.com/advisories/ZDI-07-073.html
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-069
https://exchange.xforce.ibmcloud.com/vulnerabilities/38713
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4582

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:microsoft:ie:5.x:::::::*
	cpe:2.3:a:microsoft:ie:6.0:sp1::::::
	cpe:2.3:a:microsoft:ie:6.0:sp2::::::
	cpe:2.3:a:microsoft:internet_explorer:5:::::::*
	cpe:2.3:a:microsoft:internet_explorer:5.01:::::::*
	cpe:2.3:a:microsoft:internet_explorer:5.1:::::::*
	cpe:2.3:a:microsoft:internet_explorer:5.01:sp1::::::
	cpe:2.3:a:microsoft:internet_explorer:5.01:sp2::::::
	cpe:2.3:a:microsoft:internet_explorer:5.01:sp3::::::
	cpe:2.3:a:microsoft:internet_explorer:5.01:sp4::::::
	cpe:2.3:a:microsoft:internet_explorer:5.2.3:::::::*
	cpe:2.3:a:microsoft:internet_explorer:5.5:::::::*
	cpe:2.3:a:microsoft:internet_explorer:5.5:preview::::::
	cpe:2.3:a:microsoft:internet_explorer:5.5:sp1::::::
	cpe:2.3:a:microsoft:internet_explorer:5.5:sp2::::::
	cpe:2.3:a:microsoft:internet_explorer:6:::::::*
	cpe:2.3:a:microsoft:internet_explorer:6:sp1::::::
	cpe:2.3:a:microsoft:internet_explorer:6.0:::::::*
	cpe:2.3:a:microsoft:internet_explorer:6.0.2600:::::::*
	cpe:2.3:a:microsoft:internet_explorer:6.0.2800:::::::*
	cpe:2.3:a:microsoft:internet_explorer:6.0.2800.1106:::::::*
	cpe:2.3:a:microsoft:internet_explorer:6.0.2900:::::::*
	cpe:2.3:a:microsoft:internet_explorer:6.0.2900.2180:::::::*
	cpe:2.3:a:microsoft:internet_explorer:7:::::::*
	cpe:2.3:a:microsoft:internet_explorer:7.0:::::::*
	cpe:2.3:a:microsoft:internet_explorer:7.0:beta::::::
	cpe:2.3:a:microsoft:internet_explorer:7.0:beta1::::::
	cpe:2.3:a:microsoft:internet_explorer:7.0:beta2::::::
	cpe:2.3:a:microsoft:internet_explorer:7.0:beta3::::::
	cpe:2.3:a:microsoft:internet_explorer:7.0.5730.11:::::::*

History

21 Nov 2024, 00:34

Type	Values Removed	Values Added
References	~~() http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=631 -~~	() http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=631 -
References	~~() http://secunia.com/advisories/28036 - Vendor Advisory~~	() http://secunia.com/advisories/28036 - Vendor Advisory
References	~~() http://securitytracker.com/id?1019078 -~~	() http://securitytracker.com/id?1019078 -
References	~~() http://www.securityfocus.com/archive/1/484887/100/0/threaded -~~	() http://www.securityfocus.com/archive/1/484887/100/0/threaded -
References	~~() http://www.securityfocus.com/archive/1/485268/100/0/threaded -~~	() http://www.securityfocus.com/archive/1/485268/100/0/threaded -
References	~~() http://www.securityfocus.com/bid/26506 -~~	() http://www.securityfocus.com/bid/26506 -
References	~~() http://www.us-cert.gov/cas/techalerts/TA07-345A.html - US Government Resource~~	() http://www.us-cert.gov/cas/techalerts/TA07-345A.html - US Government Resource
References	~~() http://www.vupen.com/english/advisories/2007/4184 - Vendor Advisory~~	() http://www.vupen.com/english/advisories/2007/4184 - Vendor Advisory
References	~~() http://www.zerodayinitiative.com/advisories/ZDI-07-073.html -~~	() http://www.zerodayinitiative.com/advisories/ZDI-07-073.html -
References	~~() https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-069 -~~	() https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-069 -
References	~~() https://exchange.xforce.ibmcloud.com/vulnerabilities/38713 -~~	() https://exchange.xforce.ibmcloud.com/vulnerabilities/38713 -
References	~~() https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4582 -~~	() https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4582 -

Information

Published : 2007-12-12 00:46

Updated : 2024-11-21 00:34

NVD link : CVE-2007-3902

Mitre link : CVE-2007-3902

CVE.ORG link : CVE-2007-3902

JSON object : View

Products Affected

microsoft

internet_explorer
ie

CWE

CWE-189

Numeric Errors

CWE-399

Resource Management Errors

9.3 /10