VYPR
Unrated severityNVD Advisory· Published Sep 12, 2007· Updated Jun 16, 2026

CVE-2007-4848

CVE-2007-4848

Description

Microsoft Internet Explorer 4.0 through 7 allows remote attackers to determine the existence of local files that have associated images via a res:// URI in the src property of a JavaScript Image object, as demonstrated by the URI for a bitmap image resource within a (1) .exe or (2) .dll file.

Affected products

45
  • Microsoft/Ie7 versions
    cpe:2.3:a:microsoft:ie:4.x:*:*:*:*:*:*:*+ 6 more
    • cpe:2.3:a:microsoft:ie:4.x:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:ie:5.0:sp1:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:ie:5.0:sp4:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:ie:5.0_ta3:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:ie:5.x:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:ie:6.0:sp1:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:ie:6.0:sp2:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:internet_explorer:4.0:*:*:*:*:*:*:*+ 37 more
    • cpe:2.3:a:microsoft:internet_explorer:4.0:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:4.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:4.1:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:4.5:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.0:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.01:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.0.1:sp1:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.01:sp1:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.0.1:sp2:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.01:sp2:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.0.1:sp3:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.01:sp3:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.0.1:sp4:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.01:sp4:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.1:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.2.3:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.5:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.5:preview:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.5:sp1:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.5:sp2:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:6:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:6.0:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:6.0.2600:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:6.0.2800:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:6.0.2800.1106:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:6.0.2900:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:6.0.2900.2180:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:6:sp1:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:7:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:7.0:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:7.0.5730.11:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:7.0:beta:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:7.0:beta1:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:7.0:beta2:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:7.0:beta3:*:*:*:*:*:*
    • (no CPE)range: 4.0 - 7

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.