Vulnerability in N/a
CVE-2007-1499
Microsoft Internet Explorer 7.0 on Windows XP and Vista allows remote attackers to conduct phishing attacks and possibly execute arbitrary code via a res: URI to navcancl.htm with an arbitrary URL as an argument, which displays the URL in…
EPSS: 0.655 (98.5th percentile) — read the EPSS interpretation.
Affected products
- N/a — versions n/a
References
- 22966 (vdb-entry, x_refsource_BID)
- 2448 (x_refsource_SREASON, third-party-advisory)
- 35352 (x_refsource_OSVDB, vdb-entry)
- ADV-2007-0946 (vdb-entry, x_refsource_VUPEN)
- oval:org.mitre.oval:def:1715 (signature, x_refsource_OVAL, vdb-entry)
- 25627 (x_refsource_SECUNIA, third-party-advisory)
- aviv.raffon.net/2007/03/14/PhishingUsingIE7LocalResourceVulnerability.aspx (x_refsource_MISC)
- SSRT071438 (x_refsource_HP, vendor-advisory)
- ie-navcancl-xss(33026) (vdb-entry, x_refsource_XF)
- 1018235 (vdb-entry, x_refsource_SECTRACK)