CVE-2007-0944 — Microsoft IE vulnerability

3 documents3 sources

Severity

9.3CRITICALNVD

EPSS

63.8%

top 1.57%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft IE Microsoft Internet Explorer

Timeline

PublishedMay 8

Latest updateMay 1

Description

Unspecified vulnerability in the CTableCol::OnPropertyChange method in Microsoft Internet Explorer 5.01 SP4 on Windows 2000 SP4; 6 SP1 on Windows 2000 SP4; and 6 on Windows XP SP2, or Windows Server 2003 SP1 or SP2 allows remote attackers to execute arbitrary code by calling deleteCell on a named table row in a named table column, then accessing the column, which causes Internet Explorer to access previously deleted objects, aka the "Uninitialized Memory Corruption Vulnerability."

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages2 packages

▶NVDmicrosoft/internet_explorer5.01

▶NVDmicrosoft/ie6.0

🔴Vulnerability Details

GHSA

GHSA-x526-gv3v-9x95: Unspecified vulnerability in the CTableCol::OnPropertyChange method in Microsoft Internet Explorer 5↗2022-05-01

▶

CVEList

CVE-2007-0944: Unspecified vulnerability in the CTableCol::OnPropertyChange method in Microsoft Internet Explorer 5↗2007-05-08

▶