Vulnerabilities > CVE-2007-5277 - Unspecified vulnerability in Microsoft Internet Explorer 6.0
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE network
microsoft
Summary
Microsoft Internet Explorer 6 drops DNS pins based on failed connections to irrelevant TCP ports, which makes it easier for remote attackers to conduct DNS rebinding attacks, as demonstrated by a port 81 URL in an IMG SRC, when the DNS pin had been established for a session on port 80, a different issue than CVE-2006-4560.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |