Описание
Use-after-free vulnerability in Microsoft Internet Explorer 7 on Windows XP SP2, Windows Server 2003 SP1 or SP2, or Windows Vista allows remote attackers to execute arbitrary code via crafted HTML objects, resulting in accessing deallocated memory of CMarkup objects, aka the second of two "HTML Objects Memory Corruption Vulnerabilities" and a different issue than CVE-2007-0946.
Комментарий
FrSIRT has noted the following: Multiple vulnerabilities have been identified in Microsoft Internet Explorer, which could be exploited by remote attackers to take complete control of an affected system.
Ссылки
- PatchVendor Advisory
- PatchVendor Advisory
- Patch
- US Government Resource
- Vendor Advisory
- PatchVendor Advisory
- PatchVendor Advisory
- Patch
- US Government Resource
- Vendor Advisory
Уязвимые конфигурации
Одновременно
Одно из
Одно из
Одновременно
Одно из
Одновременно
Одно из
Одновременно
EPSS
9.3 Critical
CVSS2
Дефекты
Связанные уязвимости
Use-after-free vulnerability in Microsoft Internet Explorer 7 on Windows XP SP2, Windows Server 2003 SP1 or SP2, or Windows Vista allows remote attackers to execute arbitrary code via crafted HTML objects, resulting in accessing deallocated memory of CMarkup objects, aka the second of two "HTML Objects Memory Corruption Vulnerabilities" and a different issue than CVE-2007-0946.
EPSS
9.3 Critical
CVSS2