Vulnerability in N/a
CVE-2007-1091
Microsoft Internet Explorer 7 allows remote attackers to prevent users from leaving a site, spoof the address bar, and conduct phishing and other attacks via onUnload Javascript handlers.
EPSS: 0.501 (97.9th percentile) — read the EPSS interpretation.
Affected products
- N/a — versions n/a
References
- lcamtuf.coredump.cx/ietrap (x_refsource_MISC)
- 22680 (vdb-entry, x_refsource_BID)
- ADV-2007-0713 (vdb-entry, x_refsource_VUPEN)
- 20070223 MSIE7 browser entrapment vulnerability (probably Firefox, too) (mailing-list, x_refsource_BUGTRAQ)
- ie-mozilla-onunload-dos(32647) (vdb-entry, x_refsource_XF)
- HPSBST02280 (x_refsource_HP, vendor-advisory)
- 23014 (x_refsource_SECUNIA, third-party-advisory)
- ie-mozilla-onunload-url-spoofing(32649) (vdb-entry, x_refsource_XF)
- oval:org.mitre.oval:def:2162 (signature, x_refsource_OVAL, vdb-entry)
- 20070223 Secunia Research: Internet Explorer 7 "onunload" Event SpoofingVulnerability (mailing-list, x_refsource_BUGTRAQ)