[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2007-0947Date: (C)2007-05-08   (M)2023-12-22


Use-after-free vulnerability in Microsoft Internet Explorer 7 on Windows XP SP2, Windows Server 2003 SP1 or SP2, or Windows Vista allows remote attackers to execute arbitrary code via crafted HTML objects, resulting in accessing deallocated memory of CMarkup objects, aka the second of two "HTML Objects Memory Corruption Vulnerabilities" and a different issue than CVE-2007-0946.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 9.3
Exploit Score: 8.6
Impact Score: 10.0
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality: COMPLETE
Integrity: COMPLETE
Availability: COMPLETE
  
Reference:
SECTRACK-1018019
SECUNIA-23769
BID-23772
OSVDB-34403
ADV-2007-1712
HPSBST02214
MS07-027
TA07-128A
http://secunia.com/secunia_research/2007-36/advisory/
ie-html-memory-code-execution-variant(33256)
oval:org.mitre.oval:def:2048

CPE    3
cpe:/a:microsoft:internet_explorer:6
cpe:/o:microsoft:windows_vista
cpe:/o:microsoft:windows_xp::sp2
CWE    1
CWE-399
OVAL    1
oval:org.mitre.oval:def:2048

© SecPod Technologies