1. Home
  2. CVE Database
  3. CVE-2007-3550
HIGH · 7.8

CVE-2007-3550

Microsoft Internet Explorer 6.0 and 7.0 allows remote attackers to fill Zones with arbitrary domains using certain metacharacters such as wildcards via JavaScript, which results in a denial of service...

Vulnerability Description

Microsoft Internet Explorer 6.0 and 7.0 allows remote attackers to fill Zones with arbitrary domains using certain metacharacters such as wildcards via JavaScript, which results in a denial of service (website suppression and resource consumption), aka "Internet Explorer Zone Domain Specification Dos and Page Suppressing". NOTE: this issue has been disputed by a third party, who states that the zone settings cannot be manipulated

CVSS Score

7.8

HIGH

AV:N/AC:L/Au:N/C:N/I:N/A:C
Confidentiality
NONE
Integrity
NONE
Availability
COMPLETE

Affected Products

VendorProductVersions
MicrosoftIe6.0
MicrosoftInternet Explorer6.0

Related Weaknesses (CWE)

CWE-94

References

FAQ

What is CVE-2007-3550?

CVE-2007-3550 is a vulnerability with a CVSS score of 7.8 (HIGH). Microsoft Internet Explorer 6.0 and 7.0 allows remote attackers to fill Zones with arbitrary domains using certain metacharacters such as wildcards via JavaScript, which results in a denial of service...

How severe is CVE-2007-3550?

CVE-2007-3550 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2007-3550?

Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Ie, Microsoft Internet Explorer.