CVE-2007-0945

Name of the Vulnerable Software and Affected Versions: Microsoft Internet Explorer versions 6 and 7 on various Windows operating systems, including Windows 2000 SP4, Windows XP SP2, Windows Server 2003 SP1 or SP2, and Windows Vista

Description: A remote code execution issue exists in the way Internet Explorer handles certain property methods, potentially allowing memory corruption. This could be exploited by an attacker constructing a specially crafted Web page, which, if viewed by a user, could lead to remote code execution. A successful exploitation could result in an attacker taking complete control of an affected system.

Recommendations: For Microsoft Internet Explorer 6 on Windows 2000 SP4: update to a newer version to mitigate the risk. For Microsoft Internet Explorer 6 and 7 on Windows XP SP2, or Windows Server 2003 SP1 or SP2: update to a newer version to mitigate the risk. For Microsoft Internet Explorer 7 on Windows Vista: update to a newer version to mitigate the risk.