ID |
CVE-2006-3640
|
Summary |
Microsoft Internet Explorer 5.01 and 6 allows certain script to persist across navigations between pages, which allows remote attackers to obtain the window location of visited web pages in other domains or zones, aka "Window Location Information Disclosure Vulnerability." |
References |
|
Vulnerable Configurations |
|
CVSS |
Base: | 5.0 (as of 23-07-2021 - 12:18) |
Impact: | |
Exploitability: | |
|
CWE |
NVD-CWE-Other |
CAPEC |
|
Access |
Vector | Complexity | Authentication |
NETWORK |
LOW |
NONE |
|
Impact |
Confidentiality | Integrity | Availability |
PARTIAL |
NONE |
NONE |
|
cvss-vector
via4
|
AV:N/AC:L/Au:N/C:P/I:N/A:N
|
oval
via4
|
accepted | 2015-08-03T04:01:03.147-04:00 | class | vulnerability | contributors | name | Robert L. Hollis | organization | ThreatGuard, Inc. |
name | Matthew Wojcik | organization | The MITRE Corporation |
name | Preeti Subramanian | organization | SecPod Technologies |
name | Maria Mikhno | organization | ALTX-SOFT |
name | Maria Mikhno | organization | ALTX-SOFT |
name | Maria Mikhno | organization | ALTX-SOFT |
| definition_extensions | comment | Microsoft Windows Server 2003 (x86) Gold is installed | oval | oval:org.mitre.oval:def:165 |
comment | Microsoft Internet Explorer 6 is installed | oval | oval:org.mitre.oval:def:563 |
comment | Microsoft Windows XP SP1 (64-bit) is installed | oval | oval:org.mitre.oval:def:480 |
comment | Microsoft Windows Server 2003 SP1 (x86) is installed | oval | oval:org.mitre.oval:def:565 |
comment | Microsoft Internet Explorer 6 is installed | oval | oval:org.mitre.oval:def:563 |
comment | Microsoft Windows XP SP2 or later is installed | oval | oval:org.mitre.oval:def:521 |
comment | Microsoft Internet Explorer 6 is installed | oval | oval:org.mitre.oval:def:563 |
comment | Microsoft Windows 2000 SP4 or later is installed | oval | oval:org.mitre.oval:def:229 |
comment | Microsoft Windows XP SP1 (32-bit) is installed | oval | oval:org.mitre.oval:def:1 |
comment | Microsoft Internet Explorer 6 is installed | oval | oval:org.mitre.oval:def:563 |
comment | Microsoft Windows 2000 SP4 or later is installed | oval | oval:org.mitre.oval:def:229 |
comment | Microsoft Internet Explorer 5.01 SP4 is installed | oval | oval:org.mitre.oval:def:325 |
| description | Microsoft Internet Explorer 5.01 and 6 allows certain script to persist across navigations between pages, which allows remote attackers to obtain the window location of visited web pages in other domains or zones, aka "Window Location Information Disclosure Vulnerability." | family | windows | id | oval:org.mitre.oval:def:171 | status | accepted | submitted | 2006-08-11T12:53:40 | title | Window Location Information Disclosure Vulnerability | version | 81 |
|
refmap
via4
|
bid | 19339 | osvdb | 27850 | sectrack | 1016663 | secunia | 21396 | vupen | ADV-2006-3212 |
|
Last major update |
23-07-2021 - 12:18 |
Published |
09-08-2006 - 00:04 |
Last modified |
23-07-2021 - 12:18 |