← Back

CVE-2007-3892

nvd nist
Published: Oct 9, 2007Modified: Apr 23, 2026

JSON object

Loading...
7.5
Vector
AV:N/AC:L/Au:N/C:P/I:P/A:P
Exploitability: 10.0 / Impact: 6.4
Source: NVD

Description

Microsoft Internet Explorer 5.01 through 7 allows remote attackers to spoof the URL address bar and other "trust UI" components via unspecified vectors, a different issue than CVE-2007-1091 and CVE-2007-3826.

Affected (29)

Microsoft
1 product
Internet Explorer
Configuration A
29 vulnerable
Vulnerable SoftwareAffected Versions
Microsoft
Internet Explorer
Version 5.00.2516.1900
Internet Explorer
Version 5.00.2614.3500
Internet Explorer
Version 5.00.2919.3800
Internet Explorer
Version 5.00.2919.6307
Internet Explorer
Version 5.00.2919.800
Internet Explorer
Version 5.00.2920.0000
Internet Explorer
Version 5.00.3103.1000
Internet Explorer
Version 5.00.3105.0106
Internet Explorer
Version 5.00.3314.2101
Internet Explorer
Version 5.00.3315.1000
Internet Explorer
Version 5.00.3502.1000
Internet Explorer
Version 5.00.3700.1000
Internet Explorer
Version 6.00.2462.0000
Internet Explorer
Version 6.00.2479.0006
Internet Explorer
Version 6.00.2600.0000
Internet Explorer
Version 6.00.2800.1106
Internet Explorer
Version 6.00.2900.2180
Internet Explorer
Version 6.00.3663.0000
Internet Explorer
Version 6.00.3718.0000
Internet Explorer
Version 6.00.3790.0000
Internet Explorer
Version 6.00.3790.1830
Internet Explorer
Version 6.00.3790.3959
Internet Explorer
Version 7.00.5730.1100
Internet Explorer
Version 7.00.6000.16386
Internet Explorer
Version 7.00.6000.16441
Internet Explorer
Version 7.0
Internet Explorer
Version 7.0 beta1
Internet Explorer
Version 7.0 beta2
Internet Explorer
Version 7.0 beta3

Related CWEs

CWE-94
Improper Control of Generation of Code ('Code Injection')
The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.

References (16)

Source: secure@microsoft.com
Source: secure@microsoft.com
Source: secure@microsoft.com
Source: secure@microsoft.com
Source: secure@microsoft.com
US Government Resource
Source: secure@microsoft.com
Source: secure@microsoft.com
Source: secure@microsoft.com
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
US Government Resource
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.