CVE-2007-0943

Name of the Vulnerable Software and Affected Versions: Internet Explorer versions 5.01 through 6 SP1

Description: The issue is related to the parsing of crafted Cascading Style Sheets (CSS) strings, which can trigger memory corruption due to the use of out-of-bounds pointers. This can allow remote attackers to execute arbitrary code. An attacker could exploit this by constructing a specially crafted Web page, potentially gaining the same user rights as the logged-on user when the page is viewed.

Recommendations: For Internet Explorer version 5.01, update to a newer version to mitigate the risk. For Internet Explorer version 6 SP1, update to a newer version to mitigate the risk. As a temporary workaround, consider restricting access to Web pages that use CSS to minimize the risk of exploitation.