CVE-2007-3826
published 2007-07-17CVE-2007-3826: Microsoft Internet Explorer 7 on Windows XP SP2 allows remote attackers to prevent users from leaving a site, spoof the address bar, and conduct phishing and…
PriorityP339critical9.3CVSS 2.0
AVNACMAuNCCICAC
EPSS
28.74%
97.9th percentile
Microsoft Internet Explorer 7 on Windows XP SP2 allows remote attackers to prevent users from leaving a site, spoof the address bar, and conduct phishing and other attacks via repeated document.open function calls after a user requests a new page, but before the onBeforeUnload function is called.
Affected
27 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | internet_explorer | — | — |
| microsoft | internet_explorer | — | — |
| microsoft | internet_explorer | — | — |
| microsoft | internet_explorer | — | — |
| microsoft | internet_explorer | — | — |
| microsoft | internet_explorer | — | — |
| microsoft | internet_explorer | — | — |
| microsoft | internet_explorer | — | — |
| microsoft | internet_explorer | — | — |
| microsoft | internet_explorer | — | — |
| microsoft | internet_explorer | — | — |
| microsoft | internet_explorer | — | — |
| microsoft | internet_explorer | — | — |
| microsoft | internet_explorer | — | — |
| microsoft | internet_explorer | — | — |
| microsoft | internet_explorer | — | — |
| microsoft | internet_explorer | — | — |
| microsoft | internet_explorer | — | — |
| microsoft | internet_explorer | — | — |
| microsoft | internet_explorer | — | — |
| microsoft | internet_explorer | — | — |
| microsoft | internet_explorer | — | — |
| microsoft | internet_explorer | — | — |
| microsoft | internet_explorer | — | — |
| microsoft | internet_explorer | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-mjmq-m73w-2rj6: Microsoft Internet Explorer 7 on Windows XP SP2 allows remote attackers to prevent users from leaving a site, spoof the address bar, and conduct phish
ghsa_unreviewed·2022-05-01
CVE-2007-3826 [HIGH] GHSA-mjmq-m73w-2rj6: Microsoft Internet Explorer 7 on Windows XP SP2 allows remote attackers to prevent users from leaving a site, spoof the address bar, and conduct phish
Microsoft Internet Explorer 7 on Windows XP SP2 allows remote attackers to prevent users from leaving a site, spoof the address bar, and conduct phishing and other attacks via repeated document.open function calls after a user requests a new page, but before the onBeforeUnload function is called.
GHSA
GHSA-xpp7-fcx9-3jh8: Microsoft Internet Explorer 5
ghsa_unreviewed·2022-05-01·CVSS 6.8
CVE-2007-3892 [MEDIUM] CWE-94 GHSA-xpp7-fcx9-3jh8: Microsoft Internet Explorer 5
Microsoft Internet Explorer 5.01 through 7 allows remote attackers to spoof the URL address bar and other "trust UI" components via unspecified vectors, a different issue than CVE-2007-1091 and CVE-2007-3826.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://lcamtuf.coredump.cx/ietrap3/http://osvdb.org/38212http://secunia.com/advisories/26069http://securityreason.com/securityalert/2892http://securitytracker.com/id?1018788http://www.securityfocus.com/archive/1/473702/100/0/threadedhttp://www.securityfocus.com/archive/1/482366/100/0/threadedhttp://www.securityfocus.com/bid/24911http://www.us-cert.gov/cas/techalerts/TA07-282A.htmlhttp://www.vupen.com/english/advisories/2007/2540https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-057https://exchange.xforce.ibmcloud.com/vulnerabilities/35421https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2324http://lcamtuf.coredump.cx/ietrap3/http://osvdb.org/38212http://secunia.com/advisories/26069http://securityreason.com/securityalert/2892http://securitytracker.com/id?1018788http://www.securityfocus.com/archive/1/473702/100/0/threadedhttp://www.securityfocus.com/archive/1/482366/100/0/threadedhttp://www.securityfocus.com/bid/24911http://www.us-cert.gov/cas/techalerts/TA07-282A.htmlhttp://www.vupen.com/english/advisories/2007/2540https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-057https://exchange.xforce.ibmcloud.com/vulnerabilities/35421https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2324
2007-07-17
Published