CVE-2011-0094

Name of the Vulnerable Software and Affected Versions Microsoft Internet Explorer versions 6 through 7

Description A use-after-free issue allows remote attackers to execute arbitrary code by accessing an object that was not properly initialized or has been deleted. This could be exploited by constructing a specially crafted Web page, potentially leading to remote code execution when a user views the page. An attacker who successfully exploits this issue could gain the same user rights as the logged-on user, and if the user has administrative rights, the attacker could take complete control of the affected system, allowing them to install programs, view, change, or delete data, or create new accounts with full user rights.

Recommendations For Microsoft Internet Explorer versions 6 and 7, at the moment, there is no information about a newer version that contains a fix for this vulnerability.