CVE-2007-0947
Published May 8, 2007
Last updated 3 years ago
Overview
- Description
- Use-after-free vulnerability in Microsoft Internet Explorer 7 on Windows XP SP2, Windows Server 2003 SP1 or SP2, or Windows Vista allows remote attackers to execute arbitrary code via crafted HTML objects, resulting in accessing deallocated memory of CMarkup objects, aka the second of two "HTML Objects Memory Corruption Vulnerabilities" and a different issue than CVE-2007-0946.
- Source
- secure@microsoft.com
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 9.3
- Impact score
- 10
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- CWE-399
Evaluator
- Comment
- FrSIRT has noted the following: Multiple vulnerabilities have been identified in Microsoft Internet Explorer, which could be exploited by remote attackers to take complete control of an affected system.
- Impact
- -
- Solution
- -
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:sp1:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "644E2E89-F3E3-4383-B460-424D724EE62F"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:sp2:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "377F7D0C-6B44-4B90-BF90-DAF959880C6D"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "3852BB02-47A1-40B3-8E32-8D8891A53114"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "693D3C1C-E3E4-49DB-9A13-44ADDFF82507"
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:7.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6BC71FD8-D385-4507-BD14-B75FDD4C79E6"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:sp1:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "644E2E89-F3E3-4383-B460-424D724EE62F"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "693D3C1C-E3E4-49DB-9A13-44ADDFF82507"
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:7.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6BC71FD8-D385-4507-BD14-B75FDD4C79E6"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:sp2:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "377F7D0C-6B44-4B90-BF90-DAF959880C6D"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "693D3C1C-E3E4-49DB-9A13-44ADDFF82507"
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:7.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6BC71FD8-D385-4507-BD14-B75FDD4C79E6"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "3852BB02-47A1-40B3-8E32-8D8891A53114"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:7.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6BC71FD8-D385-4507-BD14-B75FDD4C79E6"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]