CVE-2007-3903

Currently unrated

Key Information:

Vendor: Microsoft
Status: Ie; Internet Explorer
Vendor: CVE Published:; 12 December 2007

Summary

Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code via uninitialized or deleted objects used in repeated calls to the (1) cloneNode or (2) nodeValue JavaScript function, a different issue than CVE-2007-3902 and CVE-2007-5344, a variant of "Uninitialized Memory Corruption Vulnerability."

References

http://securitytracker.com/id?1019078

vdb-entryx_refsource_SECTRACK

http://www.securityfocus.com/archive/1/484888/100/0/threaded

mailing-listx_refsource_BUGTRAQ

http://www.zerodayinitiative.com/advisories/ZDI-07-074.html

x_refsource_MISC

EPSS Score

91% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Dec 12, 2007
Vulnerability Reserved
Jul 19, 2007

Collectors

NVD DatabaseMitre Database