Vulnerabilities > CVE-2007-3092 - Unspecified vulnerability in Microsoft Internet Explorer 6.0

CVSS 9.3 - CRITICAL

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

microsoft

critical

NVD

Published: 2007-06-06

Updated: 2021-12-13

Summary

Microsoft Internet Explorer 6 allows remote attackers to spoof the URL bar, and page properties including SSL certificates, by interrupting page loading through certain use of location DOM objects and setTimeout calls. NOTE: this issue can be leveraged for phishing and other attacks.

Vulnerable Configurations

Part	Description	Count
Application	Microsoft Microsoft Internet Explorer 6.0	3

References

http://archives.neohapsis.com/archives/fulldisclosure/2007-06/0026.html
http://lcamtuf.coredump.cx/ietrap2/
http://www.securityfocus.com/bid/24298
http://securitytracker.com/id?1018193
http://secunia.com/advisories/25564
http://securityreason.com/securityalert/2781
http://osvdb.org/45437
https://exchange.xforce.ibmcloud.com/vulnerabilities/34705
http://www.securityfocus.com/archive/1/470446/100/0/threaded