CVE-2006-3640 — Sensitive Information Exposure in Microsoft IE

3 documents3 sources

Severity

5.0MEDIUMNVD

EPSS

37.5%

top 2.81%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft IE Microsoft Internet Explorer

Timeline

PublishedAug 9

Latest updateMay 1

Description

Microsoft Internet Explorer 5.01 and 6 allows certain script to persist across navigations between pages, which allows remote attackers to obtain the window location of visited web pages in other domains or zones, aka "Window Location Information Disclosure Vulnerability."

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages2 packages

▶NVDmicrosoft/internet_explorer5.01

▶NVDmicrosoft/ie6

🔴Vulnerability Details

GHSA

GHSA-6cgc-3hx5-cv2r: Microsoft Internet Explorer 5↗2022-05-01

▶

CVEList

CVE-2006-3640: Microsoft Internet Explorer 5↗2006-08-09

▶