| Revision Date: | 2014-03-17 | Version: | 45 | | Title: | HTML Objects Memory Corruption Vulnerabilities | | Description: | Use-after-free vulnerability in Microsoft Internet Explorer 7 on Windows XP SP2, Windows Server 2003 SP1 or SP2, or Windows Vista allows remote attackers to execute arbitrary code via crafted HTML objects, resulting in accessing deallocated memory of CMarkup objects, aka the second of two "HTML Objects Memory Corruption Vulnerabilities" and a different issue than CVE-2007-0946. | | Family: | windows | Class: | vulnerability | | Status: | ACCEPTED | Reference(s): | CVE-2007-0947
| | Platform(s): | Microsoft Windows 2000
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows XP
| Product(s): | Microsoft Internet Explorer
| | Definition Synopsis | | IE 5.01,SP4 on Win2k,SP4 Microsoft Windows 2000 SP4 or later is installed
AND Microsoft Internet Explorer 5.01 SP4 is installed
AND the version of mshtml.dll is less than 5.0.3850.1900
OR IE 6 on Windows 2000
Microsoft Windows 2000 SP4 or later is installed
AND Microsoft Internet Explorer 6 is installed
AND the version of mshtml.dll is less than 6.0.2800.1593
OR IE 6 on Windows XP SP2
Microsoft Windows XP SP2 or later is installed
AND Microsoft Internet Explorer 6 is installed
AND the version of mshtml.dll is less than 6.0.2800.1593
OR XP,SP1 (64-bit) and Server 2003, SP1 (IE6)
Windows XP (64-bit,SP1) or Server 2003 (SP1) is installed
Microsoft Windows XP SP1 (64-bit) is installed
OR Microsoft Windows Server 2003 SP1 (x86) is installed
AND Microsoft Internet Explorer 6 is installed
AND the version of mshtml.dll is less than 6.0.3790.2885
OR XP,SP2 (64-bit) and Server 2003, SP2 (IE6)
Windows XP (64-bit,SP2) or Server 2003 (SP1) is installed
Windows XP (64-bit,SP2) is installed
Microsoft Windows XP SP2 or later is installed
AND 64-Bit (x64 architecture) version of Windows is installed
OR Microsoft Windows Server 2003 SP2 (x86) is installed
AND Microsoft Internet Explorer 6 is installed
AND the version of mshtml.dll is less than 6.0.3790.4026
OR IE 7 on Windows XP,SP2
Microsoft Windows XP SP2 or later is installed
AND Microsoft Internet Explorer 7 is installed
AND the version of Ieapfltr.dll is less than 7.0.6000.16432
OR Windows Server 2003 Service Pack 1 version
Microsoft Windows Server 2003 SP1 (x86) is installed
AND the version of Ieapfltr.dll is less than 7.0.6000.16432
OR Windows Server 2003 Service Pack 2 version
Microsoft Windows Server 2003 SP2 (x86) is installed
AND the version of Ieapfltr.dll is less than 7.0.6000.16432
OR IE 7 on Windows Vista
Microsoft Windows Vista is installed
AND the version of mshtml.dll is less than 7.0.6000.20547
|
|