CVE-2007-5344

Currently unrated

Key Information:

Vendor: Microsoft
Status: Internet Explorer; Ie
Vendor: CVE Published:; 12 December 2007

Summary

Microsoft Internet Explorer 5.01 through 7 allows remote attackers to execute arbitrary code via a crafted website using Javascript that creates, modifies, deletes, and accesses document objects using the tags property, which triggers heap corruption, related to uninitialized or deleted objects, a different issue than CVE-2007-3902 and CVE-2007-3903, and a variant of "Uninitialized Memory Corruption Vulnerability."

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/38715

vdb-entryx_refsource_XF

http://www.securityfocus.com/bid/26817

vdb-entryx_refsource_BID

http://securitytracker.com/id?1019078

vdb-entryx_refsource_SECTRACK

EPSS Score

88% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Dec 12, 2007
Vulnerability Reserved
Oct 10, 2007

Collectors

NVD DatabaseMitre Database