QwikSec

Security Database

CVE

CWE

Training

CVE-2007-0944

Published: May 8, 2007

Modified: Aug 7, 2024

PUBLISHED

Description

Unspecified vulnerability in the CTableCol::OnPropertyChange method in Microsoft Internet Explorer 5.01 SP4 on Windows 2000 SP4; 6 SP1 on Windows 2000 SP4; and 6 on Windows XP SP2, or Windows Server 2003 SP1 or SP2 allows remote attackers to execute arbitrary code by calling deleteCell on a named table row in a named table column, then accessing the column, which causes Internet Explorer to access previously deleted objects, aka the "Uninitialized Memory Corruption Vulnerability."

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

ie-object-array-code-execution(33253)

vdb-entry

x_refsource_XF

oval:org.mitre.oval:def:1722

vdb-entry

signature

x_refsource_OVAL

vendor-advisory

x_refsource_HP

vdb-entry

x_refsource_VUPEN

vdb-entry

x_refsource_SECTRACK

vendor-advisory

x_refsource_HP

vendor-advisory

x_refsource_MS

third-party-advisory

x_refsource_SECUNIA

http://www.zerodayinitiative.com/advisories/ZDI-07-027.html

x_refsource_MISC

vdb-entry

x_refsource_OSVDB

third-party-advisory

x_refsource_CERT

20070508 ZDI-07-027: Microsoft Internet Explorer Table Column Deletion Memory Corruption Vulnerability

mailing-list

x_refsource_BUGTRAQ

vdb-entry

x_refsource_BID

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.