CVE-2007-4356

Name of the Vulnerable Software and Affected Versions Microsoft Internet Explorer versions 6 through 7

Description The issue allows context-dependent attackers to obtain sensitive information by reading the HTML source. This can be demonstrated by reading the source of files with extensions such as .htm, .html, or .mht.

Recommendations For Microsoft Internet Explorer versions 6 through 7, consider avoiding the use of FTP sessions to minimize the risk of exploitation. As a temporary workaround, restrict access to sensitive information that may be embedded in HTML files retrieved during FTP sessions.