What is the severity of CVE-2007-4848?

CVE-2007-4848 is considered a medium severity vulnerability as it allows attackers to potentially access local files through specific URI schemes.

How do I fix CVE-2007-4848?

To mitigate CVE-2007-4848, users should upgrade to a more secure version of Internet Explorer or apply security patches provided by Microsoft.

What versions of Internet Explorer are affected by CVE-2007-4848?

CVE-2007-4848 affects Internet Explorer versions 4.0 through 7, including all service packs.

Can CVE-2007-4848 lead to data exposure?

Yes, if exploited, CVE-2007-4848 can lead to unauthorized access and exposure of local files on the user's system.

Is CVE-2007-4848 still a risk today?

While CVE-2007-4848 primarily affects outdated versions of Internet Explorer, users with legacy systems may still be at risk.

Vulnerability/
CVE-2007-4848

medium

4.3

CWE

NVD-CWE-Other

12/9/2007

7/8/2024

CVE-2007-4848

First published: Wed Sep 12 2007(Updated: )

Microsoft Internet Explorer 4.0 through 7 allows remote attackers to determine the existence of local files that have associated images via a res:// URI in the src property of a JavaScript Image object, as demonstrated by the URI for a bitmap image resource within a (1) .exe or (2) .dll file.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Internet Explorer	=5
Microsoft Internet Explorer	=4.x
Microsoft Internet Explorer	=6.0-sp1
Internet Explorer	=6-sp1
Microsoft Internet Explorer	=5.0_ta3
Internet Explorer	=5.01-sp4
Microsoft Internet Explorer	=5.x
Microsoft Internet Explorer	=5.0-sp4
Microsoft Internet Explorer	=6.0-sp2
Internet Explorer	=7
Microsoft Internet Explorer	=5.0-sp1
Internet Explorer	=6
Internet Explorer	=5.01
Internet Explorer	=5.01-sp3
Internet Explorer	=5.5-sp2
Internet Explorer	=4.0
Internet Explorer	=4.0.1
Internet Explorer	=4.1
Internet Explorer	=4.5
Internet Explorer	=5.0
Internet Explorer	=5.0.1
Internet Explorer	=5.0.1-sp2
Internet Explorer	=5.0.1-sp3
Internet Explorer	=5.0.1-sp4
Internet Explorer	=5.0.1-sp1
Internet Explorer	=5.5
Internet Explorer	=5.01-sp1
Internet Explorer	=5.01-sp2
Internet Explorer	=5.1
Internet Explorer	=5.2.3
Internet Explorer	=5.5-preview
Internet Explorer	=5.5-sp1
Internet Explorer	=6.0.2600
Internet Explorer	=6.0
Internet Explorer	=6.0.2800
Internet Explorer	=6.0.2800.1106
Internet Explorer	=6.0.2900
Internet Explorer	=6.0.2900.2180
Internet Explorer	=7.0-beta
Internet Explorer	=7.0
Internet Explorer	=7.0.5730.11
Internet Explorer	=7.0-beta1
Internet Explorer	=7.0-beta2
Internet Explorer	=7.0-beta3

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2007-4848?
CVE-2007-4848 is considered a medium severity vulnerability as it allows attackers to potentially access local files through specific URI schemes.
How do I fix CVE-2007-4848?
To mitigate CVE-2007-4848, users should upgrade to a more secure version of Internet Explorer or apply security patches provided by Microsoft.
What versions of Internet Explorer are affected by CVE-2007-4848?
CVE-2007-4848 affects Internet Explorer versions 4.0 through 7, including all service packs.
Can CVE-2007-4848 lead to data exposure?
Yes, if exploited, CVE-2007-4848 can lead to unauthorized access and exposure of local files on the user's system.
Is CVE-2007-4848 still a risk today?
While CVE-2007-4848 primarily affects outdated versions of Internet Explorer, users with legacy systems may still be at risk.

agent/references
agent/type
collector/mitre-cve
source/MITRE
agent/weakness
agent/author
agent/severity
agent/last-modified-date
agent/first-publish-date
agent/description
agent/event
agent/source
collector/nvd-historical
agent/software-canonical-lookup-request
agent/tags
agent/softwarecombine
collector/nvd-index
vendor/microsoft
canonical/internet explorer
version/internet explorer/5
canonical/microsoft internet explorer
version/microsoft internet explorer/4.x
version/microsoft internet explorer/6.0-sp1
version/internet explorer/6-sp1
version/microsoft internet explorer/5.0_ta3
version/internet explorer/5.01-sp4
version/microsoft internet explorer/5.x
version/microsoft internet explorer/5.0-sp4
version/microsoft internet explorer/6.0-sp2
version/internet explorer/7
version/microsoft internet explorer/5.0-sp1
version/internet explorer/6
version/internet explorer/5.01
version/internet explorer/5.01-sp3
version/internet explorer/5.5-sp2
version/internet explorer/4.0
version/internet explorer/4.0.1
version/internet explorer/4.1
version/internet explorer/4.5
version/internet explorer/5.0
version/internet explorer/5.0.1
version/internet explorer/5.0.1-sp2
version/internet explorer/5.0.1-sp3
version/internet explorer/5.0.1-sp4
version/internet explorer/5.0.1-sp1
version/internet explorer/5.5
version/internet explorer/5.01-sp1
version/internet explorer/5.01-sp2
version/internet explorer/5.1
version/internet explorer/5.2.3
version/internet explorer/5.5-preview
version/internet explorer/5.5-sp1
version/internet explorer/6.0.2600
version/internet explorer/6.0
version/internet explorer/6.0.2800
version/internet explorer/6.0.2800.1106
version/internet explorer/6.0.2900
version/internet explorer/6.0.2900.2180
version/internet explorer/7.0-beta
version/internet explorer/7.0
version/internet explorer/7.0.5730.11
version/internet explorer/7.0-beta1
version/internet explorer/7.0-beta2
version/internet explorer/7.0-beta3