CVE-2007-3826

N/A Unknown

Published: July 17, 2007 Modified: April 23, 2026

Description

Microsoft Internet Explorer 7 on Windows XP SP2 allows remote attackers to prevent users from leaving a site, spoof the address bar, and conduct phishing and other attacks via repeated document.open function calls after a user requests a new page, but before the onBeforeUnload function is called.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://lcamtuf.coredump.cx/ietrap3/

Source: cve@mitre.org

http://osvdb.org/38212

Source: cve@mitre.org

http://secunia.com/advisories/26069

Source: cve@mitre.org

Vendor Advisory

http://securityreason.com/securityalert/2892

Source: cve@mitre.org

http://securitytracker.com/id?1018788

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/473702/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/482366/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/24911

Source: cve@mitre.org

Exploit

http://www.us-cert.gov/cas/techalerts/TA07-282A.html

Source: cve@mitre.org

US Government Resource

http://www.vupen.com/english/advisories/2007/2540

Source: cve@mitre.org

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-057

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/35421

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2324

Source: cve@mitre.org

http://lcamtuf.coredump.cx/ietrap3/

Source: af854a3a-2127-422b-91ae-364da2661108

http://osvdb.org/38212

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/26069

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://securityreason.com/securityalert/2892

Source: af854a3a-2127-422b-91ae-364da2661108

http://securitytracker.com/id?1018788

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/archive/1/473702/100/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/archive/1/482366/100/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/24911

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit

http://www.us-cert.gov/cas/techalerts/TA07-282A.html

Source: af854a3a-2127-422b-91ae-364da2661108

US Government Resource

http://www.vupen.com/english/advisories/2007/2540

Source: af854a3a-2127-422b-91ae-364da2661108

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-057

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/35421

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2324

Source: af854a3a-2127-422b-91ae-364da2661108

26 reference(s) from NVD

Quick Stats

CVSS v3 Score

N/A / 10.0

EPSS (Exploit Probability)

67.4%

99th percentile

Exploitation Status

Not in CISA KEV

Affected Vendors

microsoft