Computer Security
[EN] securityvulns.ru no-pyccku


Microsoft Internet Explorer multiple security vulnerabilities
updated since 14.08.2007
Published:17.08.2007
Source:
SecurityVulns ID:8042
Type:client
Threat Level:
10/10
Description:Memory corruption on ActiveX parsing, unsafe Visual Basic ActiveX execution, Visual Basic ActiveX memory corruption.
Affected:MICROSOFT : Windows 2000 Server
 MICROSOFT : Windows 2000 Professional
 MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 MICROSOFT : Windows Vista
CVE:CVE-2007-3041 (Unspecified vulnerability in the pdwizard.ocx ActiveX object for Internet Explorer 5.01, 6 SP1, and 7 allows remote attackers to execute arbitrary code via unknown vectors related to Microsoft Visual Basic 6 objects and memory corruption, aka "ActiveX Object Memory Corruption Vulnerability.")
 CVE-2007-2216
 CVE-2007-0943 (Unspecified vulnerability in Internet Explorer 5.01 and 6 SP1 allows remote attackers to execute arbitrary code via crafted Cascading Style Sheets (CSS) strings that trigger memory corruption during parsing, related to use of out-of-bounds pointers.)
Original documentdocumentBrett Moore, TlbInf32 ActiveX Command Execution (17.08.2007)
 documentNSFOCUS, NSFOCUS SA2007-01 : Microsoft IE5 CSS Parsing Memory Corruption Vulnerability (16.08.2007)
 documentMICROSOFT, Microsoft Security Bulletin MS07-045 - Critical Cumulative Security Update for Internet Explorer (937143) (14.08.2007)
Files:Microsoft Security Bulletin MS07-045 - Critical Cumulative Security Update for Internet Explorer (937143)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod