CVE-2007-3893 - Unspecified vulnerability in Microsoft Internet Explorer 5.01 through 7 allows remote attackers to e

CVE-2007-3893

Summary

Unspecified vulnerability in Microsoft Internet Explorer 5.01 through 7 allows remote attackers to execute arbitrary code via unspecified vectors involving memory corruption from an unhandled error.

References

Vulnerable Configurations

cpe:2.3:a:microsoft:internet_explorer:5.00.2919.6307:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:5.00.2919.6307:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:5.00.2919.800:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:5.00.2919.800:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:5.00.2920.0000:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:5.00.2920.0000:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:6.00.2462.0000:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:6.00.2462.0000:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:6.00.2479.0006:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:6.00.2479.0006:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:6.00.3790.1830:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:6.00.3790.1830:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:5.00.2614.3500:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:5.00.2614.3500:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:5.00.2919.3800:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:5.00.2919.3800:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:5.00.3502.1000:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:5.00.3502.1000:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:5.00.3700.1000:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:5.00.3700.1000:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:6.00.3718.0000:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:6.00.3718.0000:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:5.00.2516.1900:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:5.00.2516.1900:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:5.00.3103.1000:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:5.00.3103.1000:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:5.00.3105.0106:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:5.00.3105.0106:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:5.00.3314.2101:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:5.00.3314.2101:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:5.00.3315.1000:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:5.00.3315.1000:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:6.00.2600.0000:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:6.00.2600.0000:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:6.00.2800.1106:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:6.00.2800.1106:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:7.0:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:7.0:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:6.00.2900.2180:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:6.00.2900.2180:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:6.00.3663.0000:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:6.00.3663.0000:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:6.00.3790.0000:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:6.00.3790.0000:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:6.00.3790.3959:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:6.00.3790.3959:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:7.0:beta1:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:7.0:beta1:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:7.0:beta2:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:7.0:beta2:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:7.0:beta3:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:7.0:beta3:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:7.00.5730.1100:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:7.00.5730.1100:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:7.00.6000.16386:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:7.00.6000.16386:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:7.00.6000.16441:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:7.00.6000.16441:*:*:*:*:*:*:*

CVSS

Base:	6.8 (as of 23-07-2021 - 15:06)
Impact:
Exploitability:

CWE

CWE-399

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:N/AC:M/Au:N/C:P/I:P/A:P

oval via4

accepted

2014-02-24T04:03:11.961-05:00

class

vulnerability

contributors

name Robert L. Hollis
organization ThreatGuard, Inc.
name Jeff Cheng
organization Opsware, Inc.
name Jeff Cheng
organization Opsware, Inc.
name Jeff Cheng
organization Opsware, Inc.
name Jeff Cheng
organization Opsware, Inc.
name Jeff Cheng
organization Opsware, Inc.
name Jeff Cheng
organization Opsware, Inc.
name Chandan S
organization SecPod Technologies
name Maria Mikhno
organization ALTX-SOFT

definition_extensions

comment Microsoft Windows 2000 SP4 or later is installed
oval oval:org.mitre.oval:def:229
comment Microsoft Internet Explorer 5.01 SP4 is installed
oval oval:org.mitre.oval:def:325
comment Microsoft Windows 2000 SP4 or later is installed
oval oval:org.mitre.oval:def:229
comment Microsoft Windows XP SP2 or later is installed
oval oval:org.mitre.oval:def:521
comment Microsoft Internet Explorer 6 is installed
oval oval:org.mitre.oval:def:563
comment Microsoft Windows Server 2003 SP1 (x86) is installed
oval oval:org.mitre.oval:def:565
comment Microsoft Windows Server 2003 (x64) is installed
oval oval:org.mitre.oval:def:730
comment Microsoft Windows Server 2003 SP1 for Itanium is installed
oval oval:org.mitre.oval:def:1205
comment Microsoft Internet Explorer 6 is installed
oval oval:org.mitre.oval:def:563
comment Microsoft Windows Server 2003 SP2 (x86) is installed
oval oval:org.mitre.oval:def:1935
comment Microsoft Windows Server 2003 SP2 (x64) is installed
oval oval:org.mitre.oval:def:2161
comment Microsoft Windows Server 2003 (ia64) SP2 is installed
oval oval:org.mitre.oval:def:1442
comment Microsoft Internet Explorer 6 is installed
oval oval:org.mitre.oval:def:563
comment Microsoft Windows XP SP1 (64-bit) is installed
oval oval:org.mitre.oval:def:480
comment Microsoft Internet Explorer 6 is installed
oval oval:org.mitre.oval:def:563
comment Microsoft Internet Explorer 6 is installed
oval oval:org.mitre.oval:def:563
comment Microsoft Windows XP x64 Edition SP2 is installed
oval oval:org.mitre.oval:def:4193
comment Microsoft Windows XP SP2 or later is installed
oval oval:org.mitre.oval:def:521
comment Microsoft Windows XP SP1 (64-bit) is installed
oval oval:org.mitre.oval:def:480
comment Microsoft Windows Server 2003 SP1 (x86) is installed
oval oval:org.mitre.oval:def:565
comment Microsoft Windows Server 2003 SP2 (x86) is installed
oval oval:org.mitre.oval:def:1935
comment Microsoft Windows XP x64 Edition SP2 is installed
oval oval:org.mitre.oval:def:4193
comment Microsoft Internet Explorer 7 is installed
oval oval:org.mitre.oval:def:627
comment Microsoft Windows Vista is installed
oval oval:org.mitre.oval:def:228
comment Microsoft Internet Explorer 7 is installed
oval oval:org.mitre.oval:def:627

description

Unspecified vulnerability in Microsoft Internet Explorer 5.01 through 7 allows remote attackers to execute arbitrary code via unspecified vectors involving memory corruption from an unhandled error.

family

windows

oval:org.mitre.oval:def:2284

status

accepted

submitted

2007-10-10T04:39:42

title

Error Handling Memory Corruption Vulnerability

version

refmap via4

bid	25916
cert	TA07-282A
hp	HPSBST02280 SSRT071480
sectrack	1018788
secunia	23469
vupen	ADV-2007-3437

Last major update

23-07-2021 - 15:06

Published

09-10-2007 - 22:17

Last modified

23-07-2021 - 15:06