CVE-2007-3027

Name of the Vulnerable Software and Affected Versions: Microsoft Internet Explorer versions 5.01 through 7

Description: A remote code execution issue exists in the way Internet Explorer handles language pack installation. This could be exploited by an attacker constructing a specially crafted Web page. When a user views this Web page, it could allow remote code execution, potentially giving the attacker complete control of the affected system. User interaction is required to exploit this issue.

Recommendations: For Microsoft Internet Explorer versions 5.01 through 7, as a temporary workaround, consider restricting the installation of language packs until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.