Remote Code Execution Vulnerability in Microsoft Internet Explorer
CVE-2007-5344

Currently unrated

Key Information:

Vendor: Microsoft
Status: Internet Explorer; Ie
Vendor: CVE Published:; 12 December 2007

Summary

Microsoft Internet Explorer versions 5.01 through 7 are susceptible to a vulnerability that permits remote attackers to execute arbitrary code. This flaw arises when a crafted website utilizes JavaScript to create, modify, delete, and access document objects, leading to heap corruption. This issue is associated with the mishandling of uninitialized or deleted objects, distinguishing it from related vulnerabilities. Attackers can exploit this vulnerability to gain unauthorized access and execute malicious code on users' systems.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/38715

vdb-entryx_refsource_XF

http://www.securityfocus.com/bid/26817

vdb-entryx_refsource_BID

http://securitytracker.com/id?1019078

vdb-entryx_refsource_SECTRACK

EPSS Score

33% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Dec 12, 2007
Vulnerability Reserved
Oct 10, 2007