Microsoft Internet Explorer 4.0 through 7 allows remote attackers to determine the existence of local files that have associated images via a res:// URI in the src property of a JavaScript Image object, as demonstrated by the URI for a bitmap image resource within a (1) .exe or (2) .dll file.
2007-09-12T20:17:00.000
2025-04-09T00:30:58.490
Deferred
CVSSv2: 4.3 (MEDIUM)
AV:N/AC:M/Au:N/C:P/I:N/A:N
8.6
2.9
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | microsoft | ie | 4.x | Yes |
| Application | microsoft | ie | 5.0 | Yes |
| Application | microsoft | ie | 5.0 | Yes |
| Application | microsoft | ie | 5.0_ta3 | Yes |
| Application | microsoft | ie | 5.x | Yes |
| Application | microsoft | ie | 6.0 | Yes |
| Application | microsoft | ie | 6.0 | Yes |
| Application | microsoft | internet_explorer | 4.0 | Yes |
| Application | microsoft | internet_explorer | 4.0.1 | Yes |
| Application | microsoft | internet_explorer | 4.1 | Yes |
| Application | microsoft | internet_explorer | 4.5 | Yes |
| Application | microsoft | internet_explorer | 5 | Yes |
| Application | microsoft | internet_explorer | 5.0 | Yes |
| Application | microsoft | internet_explorer | 5.0.1 | Yes |
| Application | microsoft | internet_explorer | 5.0.1 | Yes |
| Application | microsoft | internet_explorer | 5.0.1 | Yes |
| Application | microsoft | internet_explorer | 5.0.1 | Yes |
| Application | microsoft | internet_explorer | 5.0.1 | Yes |
| Application | microsoft | internet_explorer | 5.01 | Yes |
| Application | microsoft | internet_explorer | 5.1 | Yes |
| Application | microsoft | internet_explorer | 5.01 | Yes |
| Application | microsoft | internet_explorer | 5.01 | Yes |
| Application | microsoft | internet_explorer | 5.01 | Yes |
| Application | microsoft | internet_explorer | 5.01 | Yes |
| Application | microsoft | internet_explorer | 5.2.3 | Yes |
| Application | microsoft | internet_explorer | 5.5 | Yes |
| Application | microsoft | internet_explorer | 5.5 | Yes |
| Application | microsoft | internet_explorer | 5.5 | Yes |
| Application | microsoft | internet_explorer | 5.5 | Yes |
| Application | microsoft | internet_explorer | 6 | Yes |
| Application | microsoft | internet_explorer | 6 | Yes |
| Application | microsoft | internet_explorer | 6.0 | Yes |
| Application | microsoft | internet_explorer | 6.0.2600 | Yes |
| Application | microsoft | internet_explorer | 6.0.2800 | Yes |
| Application | microsoft | internet_explorer | 6.0.2800.1106 | Yes |
| Application | microsoft | internet_explorer | 6.0.2900 | Yes |
| Application | microsoft | internet_explorer | 6.0.2900.2180 | Yes |
| Application | microsoft | internet_explorer | 7 | Yes |
| Application | microsoft | internet_explorer | 7.0 | Yes |
| Application | microsoft | internet_explorer | 7.0 | Yes |
| Application | microsoft | internet_explorer | 7.0 | Yes |
| Application | microsoft | internet_explorer | 7.0 | Yes |
| Application | microsoft | internet_explorer | 7.0 | Yes |
| Application | microsoft | internet_explorer | 7.0.5730.11 | Yes |