Vulnerability Description
Unspecified vulnerability in Microsoft Internet Explorer 7 on Windows XP SP2, Windows Server 2003 SP1 or SP2, or Windows Vista allows remote attackers to execute arbitrary code via crafted HTML objects, which results in memory corruption, aka the first of two "HTML Objects Memory Corruption Vulnerabilities" and a different issue than CVE-2007-0947.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Windows Xp | All versions |
| Microsoft | Internet Explorer | 7.0 |
| Microsoft | Windows 2003 Server | sp1 |
| Microsoft | Windows Vista | All versions |
References
- http://secunia.com/advisories/23769
- http://www.osvdb.org/34402
- http://www.securityfocus.com/archive/1/468871/100/200/threaded
- http://www.securityfocus.com/bid/23770
- http://www.securitytracker.com/id?1018019
- http://www.us-cert.gov/cas/techalerts/TA07-128A.htmlUS Government Resource
- http://www.vupen.com/english/advisories/2007/1712
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-02
- https://exchange.xforce.ibmcloud.com/vulnerabilities/33255
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
- http://secunia.com/advisories/23769
- http://www.osvdb.org/34402
- http://www.securityfocus.com/archive/1/468871/100/200/threaded
- http://www.securityfocus.com/bid/23770
- http://www.securitytracker.com/id?1018019
FAQ
What is CVE-2007-0946?
CVE-2007-0946 is a vulnerability with a CVSS score of 9.3 (HIGH). Unspecified vulnerability in Microsoft Internet Explorer 7 on Windows XP SP2, Windows Server 2003 SP1 or SP2, or Windows Vista allows remote attackers to execute arbitrary code via crafted HTML object...
How severe is CVE-2007-0946?
CVE-2007-0946 has been rated HIGH with a CVSS base score of 9.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-0946?
Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Windows Xp, Microsoft Internet Explorer, Microsoft Windows 2003 Server, Microsoft Windows Vista.