|Main Archive Page > Month Archives > full-disclosure-uk archives|
Rating: Moderately Critical
Impact: System Access
Internet Explorer 7 provides improved navigation through tabbed browsing, web search right from the toolbar, advanced printing, easy discovery, reading and subscription to RSS feeds, and much more.
Secunia Research has discovered a vulnerability in Internet Explorer, which can be exploited by malicious people to compromise a vulnerable system.
The vulnerability is caused due to an error in the handling of HTML objects as a CMarkup object is used in certain cases after it has been freed. This can be exploited to corrupt memory via a specially crafted web page.
Successful exploitation allows execution of arbitrary code.
Apply patches (see the Microsoft security bulletin for details).
Discovered by JJ Reyes, Secunia Research.
The Common Vulnerabilities and Exposures (CVE) project has assigned CVE-2007-0947 for the vulnerability.
Secunia offers vulnerability management solutions to corporate customers with verified and reliable vulnerability intelligence relevant to their specific system configuration:
Secunia also provides a publicly accessible and comprehensive advisory database as a service to the security community and private individuals, who are interested in or concerned about IT-security.
Secunia believes that it is important to support the community and to do active vulnerability research in order to aid improving the security and reliability of software in general:
Secunia regularly hires new skilled team members. Check the URL below to see currently vacant positions:
Secunia offers a FREE mailing list called Secunia Security Advisories:
Please verify this advisory by visiting the Secunia website: http://secunia.com/secunia_research/2007-36/
Complete list of vulnerability reports published by Secunia Research: http://secunia.com/secunia_research/