CVE-2010-0807

Name of the Vulnerable Software and Affected Versions Microsoft Internet Explorer version 7

Description The issue arises from improper handling of objects in memory, allowing remote attackers to execute arbitrary code by accessing a deleted object, leading to memory corruption. A remote code execution vulnerability exists in the way that Internet Explorer accesses an object that has been deleted. An attacker could exploit the vulnerability by constructing a specially crafted Web page, potentially gaining the same user rights as the logged-on user. If the user has administrative rights, the attacker could take complete control of the affected system, enabling them to install programs, view, change, or delete data, or create new accounts with full user rights.

Recommendations For Microsoft Internet Explorer version 7, update to a newer version to mitigate the risk. As a temporary workaround, consider restricting access to specially crafted Web pages that could exploit the vulnerability until a patch is available.