CVE-2007-0947
9.3
Vector
AV:N/AC:M/Au:N/C:C/I:C/A:C
Exploitability: 8.6 / Impact: 10.0
Source: NVD
Description
Use-after-free vulnerability in Microsoft Internet Explorer 7 on Windows XP SP2, Windows Server 2003 SP1 or SP2, or Windows Vista allows remote attackers to execute arbitrary code via crafted HTML objects, resulting in accessing deallocated memory of CMarkup objects, aka the second of two "HTML Objects Memory Corruption Vulnerabilities" and a different issue than CVE-2007-0946.
Affected (2)
Products: Microsoft: Internet Explorer
Configuration A
| Running on/with | Platform Versions |
|---|---|
Microsoft Windows Xp | All versions |
Configuration B
| Running on/with | Platform Versions |
|---|---|
Microsoft Windows 2003 Server | Version sp1 |
Configuration C
| Vulnerable Software | Affected Versions |
|---|---|
| Version 6 |
| Running on/with | Platform Versions |
|---|---|
Microsoft Windows 2003 Server | Version sp2 |
Configuration D
| Vulnerable Software | Affected Versions |
|---|---|
| Version 7.0 |
| Running on/with | Platform Versions |
|---|---|
Microsoft Windows Vista | All versions |
Related CWEs
References (22)
Source: secure@microsoft.com
PatchVendor Advisory
Source: secure@microsoft.com
Source: secure@microsoft.com
Source: secure@microsoft.com
Source: secure@microsoft.com
US Government Resource
Source: secure@microsoft.com
Source: secure@microsoft.com
Source: secure@microsoft.com
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
US Government Resource
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Timeline
No history available yet.