CVE-2006-3640

medium

Description

Microsoft Internet Explorer 5.01 and 6 allows certain script to persist across navigations between pages, which allows remote attackers to obtain the window location of visited web pages in other domains or zones, aka "Window Location Information Disclosure Vulnerability."

References

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A171

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-042

http://www.vupen.com/english/advisories/2006/3212

http://www.securityfocus.com/bid/19339

http://www.osvdb.org/27850

http://securitytracker.com/id?1016663

http://secunia.com/advisories/21396

Details

Source: Mitre, NVD

Published: 2006-08-09

Updated: 2024-11-21

Risk Information

CVSS v2

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 5.3

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Severity: Medium