Back to search
CVE-2007-0942
Published: May 8, 2007
Modified: Aug 7, 2024
PUBLISHED
Description
Microsoft Internet Explorer 5.01 SP4 on Windows 2000 SP4; 6 SP1 on Windows 2000 SP4; 6 and 7 on Windows XP SP2, or Windows Server 2003 SP1 or SP2; and possibly 7 on Windows Vista does not properly "instantiate certain COM objects as ActiveX controls," which allows remote attackers to execute arbitrary code via a crafted COM object from chtskdic.dll.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
oval:org.mitre.oval:def:1939
vdb-entry
signature
x_refsource_OVAL
HPSBST02214
vendor-advisory
x_refsource_HP
ADV-2007-1712
vdb-entry
x_refsource_VUPEN
34399
vdb-entry
x_refsource_OSVDB
ie-chtskdic-com-code-execution(33252)
vdb-entry
x_refsource_XF
1018019
vdb-entry
x_refsource_SECTRACK
SSRT071422
vendor-advisory
x_refsource_HP
MS07-027
vendor-advisory
x_refsource_MS
23769
third-party-advisory
x_refsource_SECUNIA
TA07-128A
third-party-advisory
x_refsource_CERT
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now