VYPR
Unrated severityNVD Advisory· Published Dec 12, 2007· Updated Jun 16, 2026

CVE-2007-3903

CVE-2007-3903

Description

Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code via uninitialized or deleted objects used in repeated calls to the (1) cloneNode or (2) nodeValue JavaScript function, a different issue than CVE-2007-3902 and CVE-2007-5344, a variant of "Uninitialized Memory Corruption Vulnerability."

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

18
  • Microsoft/Ie2 versions
    cpe:2.3:a:microsoft:ie:6.0:sp1:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:microsoft:ie:6.0:sp1:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:ie:6.0:sp2:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:internet_explorer:6:*:*:*:*:*:*:*+ 15 more
    • cpe:2.3:a:microsoft:internet_explorer:6:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:6.0:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:6.0.2600:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:6.0.2800:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:6.0.2800.1106:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:6.0.2900:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:6.0.2900.2180:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:6:sp1:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:7:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:7.0:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:7.0.5730.11:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:7.0:beta:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:7.0:beta1:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:7.0:beta2:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:7.0:beta3:*:*:*:*:*:*
    • (no CPE)range: 6, 7

Patches

Vulnerability mechanics

References

11

News mentions

0

No linked articles in our index yet.