Info

Disclosure

May 08, 2007

Discovery

Oct 06, 2006

Dates

Exploit

Unknown

Solution

Unknown

Description

A memory corruption flaw exists in Internet Explorer. The CTableCol::OnPropertyChange() function may access deleted objects following a call to the deleteCell() JavaScript method resulting in memory corruption. With a specially crafted web page, a context-dependent attacker can cause arbitrary code execution resulting in a loss of integrity.

Classification

Location: Local Access Required, Remote / Network Access
Attack Type: Input Manipulation
Impact: Loss of Integrity
Exploit: Exploit Private, Exploit Unknown
Disclosure: OSVDB Verified

Solution

Currently, there are no known workarounds or upgrades to correct this issue. However, Microsoft has released a patch to address this vulnerability.

Products

Microsoft Corporation	Internet Explorer	5
		6

References

CVE ID: 2007-0944 (see also: NVD)
Secunia Advisory ID: 23769
Bugtraq ID: 23771
Related OSVDB ID: 34399 34401 34402 34403 34404
Microsoft Knowledge Base Article: 931768
VUPEN Advisory: ADV-2007-1712
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2007-05/0103.html
News Article: http://www.informationweek.com/news/showArticle.jhtml?articleID=199400216
Other Advisory URL: http://www.zerodayinitiative.com/advisories/ZDI-07-027.html
Microsoft Security Bulletin: MS07-027

Credit

Unknown or Incomplete

Direct URL: http://osvdb.org/34400

Info

Disclosure

Discovery

Dates

Exploit

Solution

Description

Classification

Solution

Products

Microsoft Corporation

Internet Explorer

References

Credit