CVE-2007-0944

Name of the Vulnerable Software and Affected Versions: Internet Explorer versions 5.01 SP4, 6 SP1, 6

Description: The issue allows remote attackers to execute arbitrary code by exploiting the way Internet Explorer accesses objects. This can be achieved by constructing a specially crafted Web page. If a user views the Web page, it could allow remote code execution, potentially giving an attacker complete control of the affected system. The vulnerability is related to the CTableCol::OnPropertyChange method and involves accessing previously deleted objects.

Recommendations: For Internet Explorer version 5.01 SP4, update to a newer version to mitigate the risk. For Internet Explorer version 6 SP1, update to a newer version to mitigate the risk. For Internet Explorer version 6, update to a newer version to mitigate the risk.