Vulnerability Details CVE-2007-4848
Microsoft Internet Explorer 4.0 through 7 allows remote attackers to determine the existence of local files that have associated images via a res:// URI in the src property of a JavaScript Image object, as demonstrated by the URI for a bitmap image resource within a (1) .exe or (2) .dll file.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.231
EPSS Ranking 95.6%
CVSS Severity
CVSS v2 Score 4.3
References
Products affected by CVE-2007-4848
-
cpe:2.3:a:microsoft:ie:4.x
-
cpe:2.3:a:microsoft:ie:5.0
-
cpe:2.3:a:microsoft:ie:5.0_ta3
-
cpe:2.3:a:microsoft:ie:5.x
-
cpe:2.3:a:microsoft:ie:6.0
-
cpe:2.3:a:microsoft:internet_explorer:4.0
-
cpe:2.3:a:microsoft:internet_explorer:4.0.1
-
cpe:2.3:a:microsoft:internet_explorer:4.1
-
cpe:2.3:a:microsoft:internet_explorer:4.5
-
cpe:2.3:a:microsoft:internet_explorer:5
-
cpe:2.3:a:microsoft:internet_explorer:5.0
-
cpe:2.3:a:microsoft:internet_explorer:5.0.1
-
cpe:2.3:a:microsoft:internet_explorer:5.01
-
cpe:2.3:a:microsoft:internet_explorer:5.1
-
cpe:2.3:a:microsoft:internet_explorer:5.2.3
-
cpe:2.3:a:microsoft:internet_explorer:5.5
-
cpe:2.3:a:microsoft:internet_explorer:6
-
cpe:2.3:a:microsoft:internet_explorer:6.0
-
cpe:2.3:a:microsoft:internet_explorer:6.0.2600
-
cpe:2.3:a:microsoft:internet_explorer:6.0.2800
-
cpe:2.3:a:microsoft:internet_explorer:6.0.2800.1106
-
cpe:2.3:a:microsoft:internet_explorer:6.0.2900
-
cpe:2.3:a:microsoft:internet_explorer:6.0.2900.2180
-
cpe:2.3:a:microsoft:internet_explorer:7
-
cpe:2.3:a:microsoft:internet_explorer:7.0
-
cpe:2.3:a:microsoft:internet_explorer:7.0.5730.11