ID CVE-2007-3893
Summary Unspecified vulnerability in Microsoft Internet Explorer 5.01 through 7 allows remote attackers to execute arbitrary code via unspecified vectors involving memory corruption from an unhandled error.
References
Vulnerable Configurations
  • cpe:2.3:a:microsoft:ie:5.00.2516.1900:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:ie:5.00.2516.1900:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:ie:5.00.2614.3500:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:ie:5.00.2614.3500:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:ie:5.00.2919.800:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:ie:5.00.2919.800:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:ie:5.00.2919.3800:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:ie:5.00.2919.3800:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:ie:5.00.2919.6307:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:ie:5.00.2919.6307:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:ie:5.00.2920.0000:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:ie:5.00.2920.0000:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:ie:5.00.3103.1000:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:ie:5.00.3103.1000:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:ie:5.00.3105.0106:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:ie:5.00.3105.0106:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:ie:5.00.3314.2101:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:ie:5.00.3314.2101:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:ie:5.00.3315.1000:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:ie:5.00.3315.1000:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:ie:5.00.3502.1000:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:ie:5.00.3502.1000:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:ie:5.00.3700.1000:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:ie:5.00.3700.1000:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:ie:6.00.2462.0000:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:ie:6.00.2462.0000:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:ie:6.00.2479.0006:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:ie:6.00.2479.0006:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:ie:6.00.2600.0000:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:ie:6.00.2600.0000:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:ie:6.00.2800.1106:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:ie:6.00.2800.1106:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:ie:6.00.2900.2180:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:ie:6.00.2900.2180:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:ie:6.00.3663.0000:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:ie:6.00.3663.0000:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:ie:6.00.3718.0000:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:ie:6.00.3718.0000:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:ie:6.00.3790.0000:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:ie:6.00.3790.0000:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:ie:6.00.3790.1830:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:ie:6.00.3790.1830:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:ie:6.00.3790.3959:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:ie:6.00.3790.3959:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:ie:7.0:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:ie:7.0:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:ie:7.0:beta1:*:*:*:*:*:*
    cpe:2.3:a:microsoft:ie:7.0:beta1:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:ie:7.0:beta2:*:*:*:*:*:*
    cpe:2.3:a:microsoft:ie:7.0:beta2:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:ie:7.0:beta3:*:*:*:*:*:*
    cpe:2.3:a:microsoft:ie:7.0:beta3:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:ie:7.00.5730.1100:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:ie:7.00.5730.1100:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:ie:7.00.6000.16386:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:ie:7.00.6000.16386:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:ie:7.00.6000.16441:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:ie:7.00.6000.16441:*:*:*:*:*:*:*
CVSS
Base: 6.8 (as of 15-10-2018 - 21:31)
Impact:
Exploitability:
CWE CWE-399
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:M/Au:N/C:P/I:P/A:P
oval via4
accepted 2014-02-24T04:03:11.961-05:00
class vulnerability
contributors
  • name Robert L. Hollis
    organization ThreatGuard, Inc.
  • name Jeff Cheng
    organization Opsware, Inc.
  • name Jeff Cheng
    organization Opsware, Inc.
  • name Jeff Cheng
    organization Opsware, Inc.
  • name Jeff Cheng
    organization Opsware, Inc.
  • name Jeff Cheng
    organization Opsware, Inc.
  • name Jeff Cheng
    organization Opsware, Inc.
  • name Chandan S
    organization SecPod Technologies
  • name Maria Mikhno
    organization ALTX-SOFT
definition_extensions
  • comment Microsoft Windows 2000 SP4 or later is installed
    oval oval:org.mitre.oval:def:229
  • comment Microsoft Internet Explorer 5.01 SP4 is installed
    oval oval:org.mitre.oval:def:325
  • comment Microsoft Windows 2000 SP4 or later is installed
    oval oval:org.mitre.oval:def:229
  • comment Microsoft Windows XP SP2 or later is installed
    oval oval:org.mitre.oval:def:521
  • comment Microsoft Internet Explorer 6 is installed
    oval oval:org.mitre.oval:def:563
  • comment Microsoft Windows Server 2003 SP1 (x86) is installed
    oval oval:org.mitre.oval:def:565
  • comment Microsoft Windows Server 2003 (x64) is installed
    oval oval:org.mitre.oval:def:730
  • comment Microsoft Windows Server 2003 SP1 for Itanium is installed
    oval oval:org.mitre.oval:def:1205
  • comment Microsoft Internet Explorer 6 is installed
    oval oval:org.mitre.oval:def:563
  • comment Microsoft Windows Server 2003 SP2 (x86) is installed
    oval oval:org.mitre.oval:def:1935
  • comment Microsoft Windows Server 2003 SP2 (x64) is installed
    oval oval:org.mitre.oval:def:2161
  • comment Microsoft Windows Server 2003 (ia64) SP2 is installed
    oval oval:org.mitre.oval:def:1442
  • comment Microsoft Internet Explorer 6 is installed
    oval oval:org.mitre.oval:def:563
  • comment Microsoft Windows XP SP1 (64-bit) is installed
    oval oval:org.mitre.oval:def:480
  • comment Microsoft Internet Explorer 6 is installed
    oval oval:org.mitre.oval:def:563
  • comment Microsoft Internet Explorer 6 is installed
    oval oval:org.mitre.oval:def:563
  • comment Microsoft Windows XP x64 Edition SP2 is installed
    oval oval:org.mitre.oval:def:4193
  • comment Microsoft Windows XP SP2 or later is installed
    oval oval:org.mitre.oval:def:521
  • comment Microsoft Windows XP SP1 (64-bit) is installed
    oval oval:org.mitre.oval:def:480
  • comment Microsoft Windows Server 2003 SP1 (x86) is installed
    oval oval:org.mitre.oval:def:565
  • comment Microsoft Windows Server 2003 SP2 (x86) is installed
    oval oval:org.mitre.oval:def:1935
  • comment Microsoft Windows XP x64 Edition SP2 is installed
    oval oval:org.mitre.oval:def:4193
  • comment Microsoft Internet Explorer 7 is installed
    oval oval:org.mitre.oval:def:627
  • comment Microsoft Windows Vista is installed
    oval oval:org.mitre.oval:def:228
  • comment Microsoft Internet Explorer 7 is installed
    oval oval:org.mitre.oval:def:627
description Unspecified vulnerability in Microsoft Internet Explorer 5.01 through 7 allows remote attackers to execute arbitrary code via unspecified vectors involving memory corruption from an unhandled error.
family windows
id oval:org.mitre.oval:def:2284
status accepted
submitted 2007-10-10T04:39:42
title Error Handling Memory Corruption Vulnerability
version 76
refmap via4
bid 25916
cert TA07-282A
hp
  • HPSBST02280
  • SSRT071480
sectrack 1018788
secunia 23469
vupen ADV-2007-3437
Last major update 15-10-2018 - 21:31
Published 09-10-2007 - 22:17
Last modified 15-10-2018 - 21:31
Back to Top