Vulnerability Details : CVE-2006-3640

Microsoft Internet Explorer 5.01 and 6 allows certain script to persist across navigations between pages, which allows remote attackers to obtain the window location of visited web pages in other domains or zones, aka "Window Location Information Disclosure Vulnerability."

Vulnerability category: Information leak

Published 2006-08-09 00:04:00

Updated 2021-07-23 12:18:31

Source Microsoft Corporation

View at NVD, CVE.org

Exploit prediction scoring system (EPSS) score for CVE-2006-3640

Probability of exploitation activity in the next 30 days: 71.35%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 98 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2006-3640

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Source
5.0	MEDIUM	AV:N/AC:L/Au:N/C:P/I:N/A:N	10.0	2.9	[email protected]
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: None Availability Impact: None

References for CVE-2006-3640

Products affected by CVE-2006-3640

Microsoft » IE » Version: 6 Update Windows Server 2003 Sp1
cpe:2.3:a:microsoft:ie:6:windows_server_2003_sp1:*:*:*:*:*:*
Matching versions
Microsoft » Internet Explorer » Version: 5.01
cpe:2.3:a:microsoft:internet_explorer:5.01:*:*:*:*:*:*:*
Matching versions