CVE-2007-0947 Information

Description

Use-after-free vulnerability in Microsoft Internet Explorer 7 on Windows XP SP2 Windows Server 2003 SP1 or SP2 or Windows Vista allows remote attackers to execute arbitrary code via crafted HTML objects resulting in accessing deallocated memory of CMarkup objects aka the second of two \HTML Objects Memory Corruption Vulnerabilities\ and a different issue than CVE-2007-0946.

Reference

http://secunia.com/advisories/23769 http://secunia.com/secunia_research/2007-36/advisory/ http://www.osvdb.org/34403 http://www.securityfocus.com/archive/1/468871/100/200/threaded http://www.securityfocus.com/bid/23772 http://www.securitytracker.com/id?1018019 http://www.us-cert.gov/cas/techalerts/TA07-128A.html http://www.vupen.com/english/advisories/2007/1712 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-027 https://exchange.xforce.ibmcloud.com/vulnerabilities/33256 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A2048