| Vulnerability Name: | CVE-2007-3075 (CCN-34989) | ||||||||
| Assigned: | 2007-06-05 | ||||||||
| Published: | 2007-06-05 | ||||||||
| Updated: | 2021-07-23 | ||||||||
| Summary: | Directory traversal vulnerability in Microsoft Internet Explorer allows remote attackers to read arbitrary files via directory traversal sequences in a URI with a certain scheme, possibly related to "..%5C" (encoded backslash) sequences. | ||||||||
| CVSS v3 Severity: | 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
| ||||||||
| CVSS v2 Severity: | 7.8 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:N/A:N) 7.0 High (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:N/A:N/E:F/RL:U/RC:UR)
4.5 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N/E:F/RL:U/RC:UR)
| ||||||||
| Vulnerability Type: | CWE-Other | ||||||||
| Vulnerability Consequences: | Obtain Information | ||||||||
| References: | Source: MITRE Type: CNA CVE-2007-3075 Source: MITRE Type: CNA CVE-2007-4848 Source: CCN Type: ha.ckers.org Blog, May 16th, 2007 at 3:15 pm Read Firefox Settings (PoC) Source: MISC Type: UNKNOWN http://ha.ckers.org/blog/20070516/read-firefox-settings-poc/#comment-35888 Source: OSVDB Type: UNKNOWN 45436 Source: CCN Type: Microsoft Internet Explorer Web site Internet Explorer: Home Page Source: CCN Type: OSVDB ID: 37638 Microsoft IE res:// URI Image Object Local File Enumeration Source: CCN Type: OSVDB ID: 45436 Microsoft IE URI Unspecified Scheme Traversal Arbitrary File Access Source: CCN Type: BID-33413 Microsoft Internet Explorer Unspecified Directory Traversal Vulnerability Source: CCN Type: Billy (BK) Rios' Blog, Friday, July 20th, 2007 More URI Stuff (IEs Resouce URI) Source: XF Type: UNKNOWN ie-resource-information-disclosure(34989) | ||||||||
| Vulnerable Configuration: | Configuration 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||
| BACK | |||||||||