CVE-2007-0218Code Injection in Microsoft Internet Explorer

CWE-94Code Injection2 documents2 sources
Severity
9.3CRITICALNVD
EPSS
51.8%
top 2.09%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Microsoft Internet Explorer
Timeline
PublishedJun 12
Latest updateMay 1

Description

Microsoft Internet Explorer 5.01 and 6 allows remote attackers to execute arbitrary code by instantiating certain COM objects from Urlmon.dll, which triggers memory corruption during a call to the IObjectSafety function.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages1 packages

NVDmicrosoft/internet_explorer5.01, 6, 7.0+2

🔴Vulnerability Details

1
GHSA
GHSA-f7hh-5vc2-h86f: Microsoft Internet Explorer 52022-05-01
CVE-2007-0218 — Code Injection in Microsoft | cvebase