|
|
| CVE-ID | ||
|---|---|---|
CVE-2007-3091 |
• Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings
|
|
| Description | ||
| Race condition in Microsoft Internet Explorer 6 SP1; 6 and 7 for Windows XP SP2 and SP3; 6 and 7 for Server 2003 SP2; 7 for Vista Gold, SP1, and SP2; and 7 for Server 2008 SP2 allows remote attackers to execute arbitrary code or perform other actions upon a page transition, with the permissions of the old page and the content of the new page, as demonstrated by setInterval functions that set location.href within a try/catch expression, aka the "bait & switch vulnerability" or "Race Condition Cross-Domain Information Disclosure Vulnerability." | ||
| References | ||
| Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete. | ||
|
||
| Date Entry Created | ||
| 20070606 | Disclaimer: The entry creation date may reflect when the CVE-ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE. | |
| Phase (Legacy) | ||
| Assigned (20070606) | ||
| Votes (Legacy) | ||
| Comments (Legacy) | ||
| Proposed (Legacy) | ||
| N/A | ||
| This is an entry on the CVE list, which standardizes names for security problems. | ||
|
You can also search by reference using the CVE Reference Maps.
|
||
| For More Information: cve@mitre.org | ||
