CVE-2007-0947

Name of the Vulnerable Software and Affected Versions: Microsoft Internet Explorer 7 versions on Windows XP SP2, Windows Server 2003 SP1 or SP2, or Windows Vista

Description: The issue allows remote attackers to execute arbitrary code via crafted HTML objects, resulting in accessing deallocated memory. This could enable an attacker to take complete control of an affected system by constructing a specially crafted Web page. If a user viewed the Web page, these vulnerabilities could allow remote code execution.

Recommendations: For Microsoft Internet Explorer 7 on Windows XP SP2, Windows Server 2003 SP1 or SP2, or Windows Vista, consider restricting access to certain HTML objects until a patch is available. As a temporary workaround, avoid using crafted HTML objects in Internet Explorer until the issue is resolved.