CVE-2007-4356
N/A
N/A
Summary
Microsoft Internet Explorer 6 and 7 embeds FTP credentials in HTML files that are retrieved during an FTP session, which allows context-dependent attackers to obtain sensitive information by reading the HTML source, as demonstrated by a (1) .htm, (2) .html, or (3) .mht file.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://osvdb.org/36400
- http://secunia.com/advisories/26427
- http://blog.washingtonpost.com/securityfix/2007/08/ftp_files_expose_web_site_cred.html
References
- http://osvdb.org/36400
- http://secunia.com/advisories/26427
- http://blog.washingtonpost.com/securityfix/2007/08/ftp_files_expose_web_site_cred.html
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.