Microsoft : Security Vulnerabilities Published In 2007 (Directory traversal)
Absolute directory traversal vulnerability in a certain ActiveX control in the VB To VSI Support Library (VBTOVSI.DLL) 1.0.0.0 in Microsoft Visual Studio 6.0 allows remote attackers to create or overwrite arbitrary files via a full pathname in the argument to the SaveAs method. NOTE: contents can be copied from local files via the Load method.
| Max Base Score | 5.8 |
| Published | 2007-09-14 |
| Updated | 2017-09-29 |
| EPSS | 2.23% |
Multiple absolute path traversal vulnerabilities in Microsoft Internet Explorer 6 on Windows XP SP2 allow remote attackers to access arbitrary local files via the file: URI in the (1) src attribute of a (a) bgsound, (b) input, (c) EMBED, (d) img, or (e) script tag; (2) data attribute of an object tag; (3) value attribute of a param tag; (4) background attribute of a body tag; or (5) the background:url attribute declared in the BODY parameter of a STYLE tag.
| Max Base Score | 4.3 |
| Published | 2007-06-26 |
| Updated | 2021-07-23 |
| EPSS | 5.33% |
Directory traversal vulnerability in Microsoft Internet Explorer allows remote attackers to read arbitrary files via directory traversal sequences in a URI with a certain scheme, possibly related to "..%5C" (encoded backslash) sequences.
| Max Base Score | 7.8 |
| Published | 2007-06-06 |
| Updated | 2021-07-23 |
| EPSS | 0.90% |
3 vulnerabilities found