CVE-2007-0024

Name of the Vulnerable Software and Affected Versions Microsoft Internet Explorer versions 5.01 through 7

Description The issue is related to an integer overflow in the Vector Markup Language (VML) implementation, which allows remote attackers to execute arbitrary code via a crafted web page. This could potentially allow an attacker to take complete control of an affected system if a user visits the web page or views a specially crafted HTML e-mail.

Recommendations For Microsoft Internet Explorer versions 5.01 through 7, consider disabling the VML implementation until a patch is available. Restrict access to web pages and HTML e-mails that could potentially exploit this issue to minimize the risk of exploitation.