CVE-2007-3550

high Microsoft
CVSS v3 Base Score
7.8
AV:N/AC:L/Au:N/C:N/I:N/A:C
EPSS Score
35.1%
Exploitation probability in 30 days
Top 3% most likely to be exploited
Attack Characteristics
Attack Vector
Network
Attack Complexity
Low
Confidentiality
None
Integrity
None
Availability
C
Published: July 3, 2007 (6889 days ago)
Last Modified: April 23, 2026
Vendor: Microsoft
Source: NVD

Description

Microsoft Internet Explorer 6.0 and 7.0 allows remote attackers to fill Zones with arbitrary domains using certain metacharacters such as wildcards via JavaScript, which results in a denial of service (website suppression and resource consumption), aka "Internet Explorer Zone Domain Specification Dos and Page Suppressing". NOTE: this issue has been disputed by a third party, who states that the zone settings cannot be manipulated

CWE

CWE-94

Affected Products

microsoft iemicrosoft internet explorer

References

🔗 lists.grok.org.uk 🔗 osvdb.org 🔗 securityreason.com 🔗 www.secniche.org 🔗 www.securityfocus.com