CVE-2006-3640

Microsoft Internet Explorer 5.01 and 6 allows certain script to persist across navigations between pages, which allows remote attackers to obtain the window location of visited web pages in other domains or zones, aka "Window Location Information Disclosure Vulnerability."

Published: Aug 9, 2006
Updated: Apr 13, 2023
CVE: CVE-2006-3640
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:P/I:N/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
microsoft / ie	6-windows_server_2003_sp1	6-windows_server_2003_sp1.x
microsoft / internet_explorer	5.01	5.01.x

http://secunia.com/advisories/21396
http://securitytracker.com/id?1016663
http://www.osvdb.org/27850
http://www.securityfocus.com/bid/19339
http://www.vupen.com/english/advisories/2006/3212
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-042
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A171

Vulnerability Database

290,476

CVE-2006-3640