CVE-2007-3091

Microsoft Windows 2003 Server - Race Condition

Title source: rule

Description

Race condition in Microsoft Internet Explorer 6 SP1; 6 and 7 for Windows XP SP2 and SP3; 6 and 7 for Server 2003 SP2; 7 for Vista Gold, SP1, and SP2; and 7 for Server 2008 SP2 allows remote attackers to execute arbitrary code or perform other actions upon a page transition, with the permissions of the old page and the content of the new page, as demonstrated by setInterval functions that set location.href within a try/catch expression, aka the "bait & switch vulnerability" or "Race Condition Cross-Domain Information Disclosure Vulnerability."

References (16)

Core 16

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/34696

Patch, Vendor Advisory vdb-entry x_refsource_vupen

http://www.vupen.com/english/advisories/2009/1538

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/25564

Vendor Advisory vendor-advisory x_refsource_ms

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-019

Patch vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/24283

US Government Resource third-party-advisory x_refsource_cert-vn

http://www.kb.cert.org/vuls/id/471361

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://securitytracker.com/id?1018192

Third Party Advisory mailing-list x_refsource_fulldisc

http://archives.neohapsis.com/archives/fulldisclosure/2007-06/0026.html

Various Sources x_refsource_misc

http://lcamtuf.coredump.cx/ierace/

Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq

http://www.securityfocus.com/archive/1/470446/100/0/threaded

Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb

http://osvdb.org/54944

Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb

http://osvdb.org/38497

Vendor Advisory vdb-entry x_refsource_vupen

http://www.vupen.com/english/advisories/2007/2064

Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6041

US Government Resource third-party-advisory x_refsource_cert

http://www.us-cert.gov/cas/techalerts/TA09-160A.html

Third Party Advisory third-party-advisory x_refsource_sreason

http://securityreason.com/securityalert/2781

Scores

EPSS 0.2775

EPSS Percentile 97.8%

Details

CWE

CWE-362

Status published

Products (8)

microsoft/internet_explorer 6 (2 CPE variants)

microsoft/internet_explorer 7.0

microsoft/windows_2000

microsoft/windows_2003_server sp1 (3 CPE variants)

microsoft/windows_2003_server sp2 (3 CPE variants)

microsoft/windows_server_2008 (5 CPE variants)

microsoft/windows_vista (5 CPE variants)

microsoft/windows_xp (3 CPE variants)

Published Jun 06, 2007

Tracked Since Feb 18, 2026