CVE-2007-3902

Use-after-free vulnerability in the CRecalcProperty function in mshtml.dll in Microsoft Internet Explorer 5.01 through 7 allows remote attackers to execute arbitrary code by calling the setExpression method and then modifying the outerHTML property of an HTML element, one variant of "Uninitialized Memory Corruption Vulnerability."
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:microsoft:internet_explorer:5:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:5.2.3:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:5.5:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:6.0.2600:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:6.0.2800:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:7.0:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:7.0.5730.11:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:5.01:sp2:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:5.01:sp3:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:5.5:sp2:*:*:*:*:*:*
cpe:2.3:a:microsoft:ie:5.x:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:ie:6.0:sp1:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:6:sp1:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:5.01:sp4:*:*:*:*:*:*
cpe:2.3:a:microsoft:ie:6.0:sp2:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:7:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:6:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:5.01:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:5.01:sp1:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:5.1:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:5.5:preview:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:5.5:sp1:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:6.0:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:6.0.2800.1106:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:6.0.2900:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:6.0.2900.2180:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:7.0:beta:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:7.0:beta1:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:7.0:beta2:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:7.0:beta3:*:*:*:*:*:*

Information

Published : 2007-12-11 16:46

Updated : 2021-07-23 08:06


NVD link : CVE-2007-3902

Mitre link : CVE-2007-3902


JSON object : View

CWE
CWE-399

Resource Management Errors

CWE-189

Numeric Errors

Advertisement

dedicated server usa

Products Affected

microsoft

  • internet_explorer
  • ie