Vulnerability Description
Directory traversal vulnerability in Microsoft Internet Explorer allows remote attackers to read arbitrary files via directory traversal sequences in a URI with a certain scheme, possibly related to "..%5C" (encoded backslash) sequences.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Internet Explorer | All versions |
References
- http://ha.ckers.org/blog/20070516/read-firefox-settings-poc/#comment-35888
- http://osvdb.org/45436
- http://ha.ckers.org/blog/20070516/read-firefox-settings-poc/#comment-35888
- http://osvdb.org/45436
FAQ
What is CVE-2007-3075?
CVE-2007-3075 is a vulnerability with a CVSS score of 7.8 (HIGH). Directory traversal vulnerability in Microsoft Internet Explorer allows remote attackers to read arbitrary files via directory traversal sequences in a URI with a certain scheme, possibly related to "...
How severe is CVE-2007-3075?
CVE-2007-3075 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-3075?
Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Internet Explorer.