Vulnerabilities > CVE-2007-4356 - Unspecified vulnerability in Microsoft Internet Explorer 6/7
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Microsoft Internet Explorer 6 and 7 embeds FTP credentials in HTML files that are retrieved during an FTP session, which allows context-dependent attackers to obtain sensitive information by reading the HTML source, as demonstrated by a (1) .htm, (2) .html, or (3) .mht file.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 |