Back to search
CVE-2007-3406
Published: Jun 26, 2007
Modified: Aug 7, 2024
PUBLISHED
Description
Multiple absolute path traversal vulnerabilities in Microsoft Internet Explorer 6 on Windows XP SP2 allow remote attackers to access arbitrary local files via the file: URI in the (1) src attribute of a (a) bgsound, (b) input, (c) EMBED, (d) img, or (e) script tag; (2) data attribute of an object tag; (3) value attribute of a param tag; (4) background attribute of a body tag; or (5) the background:url attribute declared in the BODY parameter of a STYLE tag.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
45435
vdb-entry
x_refsource_OSVDB
22621
vdb-entry
x_refsource_BID
http://www.xdisclose.com/XD100099.txt
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now