CVE-2007-0219

Name of the Vulnerable Software and Affected Versions Microsoft Internet Explorer versions 5.01, 6, and 7

Description A remote code execution issue exists due to the way Internet Explorer instantiates COM objects not intended for use in Internet Explorer. An attacker could exploit this by constructing a specially crafted Web page, potentially allowing remote code execution if a user views the page. Successful exploitation could allow an attacker to take complete control of an affected system.

Recommendations For Microsoft Internet Explorer versions 5.01, 6, and 7, consider restricting the instantiation of COM objects in Internet Explorer to prevent potential exploitation. As a temporary workaround, consider disabling the use of ActiveX controls from Msb1fren.dll, Htmlmm.ocx, and Blnmgrps.dll in Internet Explorer until a patch is available.