CVE-2007-3550
Last modified
CVE-2007-3550 is a vulnerability of currently unknown severity. Microsoft Internet Explorer 6.0 and 7.0 allows remote attackers to fill Zones with arbitrary domains using certain metacharacters such as wildcards via JavaScript, which results in a denial of service (website suppression and resource consumption), aka "Internet Explorer Zone Domain Specification Dos and Page Suppressing". NOTE: this issue has been disputed by a third party, who states that the zone settings cannot be manipulated. EPSS estimates a 27.51% chance of exploitation in the next 30 days.
Description
Microsoft Internet Explorer 6.0 and 7.0 allows remote attackers to fill Zones with arbitrary domains using certain metacharacters such as wildcards via JavaScript, which results in a denial of service (website suppression and resource consumption), aka "Internet Explorer Zone Domain Specification Dos and Page Suppressing". NOTE: this issue has been disputed by a third party, who states that the zone settings cannot be manipulated
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions | Update |
|---|---|---|---|
| Microsoft | Ie | 6.0 | Sp1 |
| Microsoft | Internet Explorer | 6.0 | — |
| Microsoft | Internet Explorer | 7.0 | — |
References
- http://www.securityfocus.com/bid/24744Vendor Advisory
- http://www.securityfocus.com/bid/24744Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2007-3550?
How severe is CVE-2007-3550?
How do I fix CVE-2007-3550?
Are you affected by CVE-2007-3550?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST