CVE-2008-0076

Name of the Vulnerable Software and Affected Versions Microsoft Internet Explorer versions 5.01, 6 SP1, 6 SP2, and 7

Description The issue allows remote attackers to execute arbitrary code via crafted HTML layout combinations. A remote code execution vulnerability exists in the way Internet Explorer interprets HTML with certain layout combinations. An attacker could exploit the vulnerability by constructing a specially crafted Web page, potentially gaining the same user rights as the logged on user when a user views the Web page.

Recommendations For Microsoft Internet Explorer version 5.01, update to a newer version to mitigate the risk. For Microsoft Internet Explorer version 6 SP1, update to a newer version to mitigate the risk. For Microsoft Internet Explorer version 6 SP2, update to a newer version to mitigate the risk. For Microsoft Internet Explorer version 7, update to a newer version to mitigate the risk.