CVE-2007-1749

Internet Explorer 5.01, 6, and 7 - Remote Code Execution via VML Integer Underflow

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-1749. PoCs published by Ben Nagy & Derek Soeder.

AI-analyzed exploit summary This is a vulnerability writeup describing a buffer overflow in Microsoft Internet Explorer when rendering VML graphics. The issue can be triggered by a malicious HTML document referencing a compressed image file, potentially leading to remote code execution.

Description

Integer underflow in the CDownloadSink class code in the Vector Markup Language (VML) component (VGX.DLL), as used in Internet Explorer 5.01, 6, and 7 allows remote attackers to execute arbitrary code via compressed content with an invalid buffer size, which triggers a heap-based buffer overflow.

Exploits (1)

exploitdb WRITEUP VERIFIED

by Ben Nagy & Derek Soeder · htmldoswindows

https://www.exploit-db.com/exploits/30494

View Code ZIP pw:eip

This is a vulnerability writeup describing a buffer overflow in Microsoft Internet Explorer when rendering VML graphics. The issue can be triggered by a malicious HTML document referencing a compressed image file, potentially leading to remote code execution.

Classification

Writeup 90%

Attack Type

Rce

Complexity

Moderate

Reliability

Theoretical

Target: Microsoft Internet Explorer (versions affected by CVE-2007-1749)

No auth needed

Prerequisites: User interaction required to visit a malicious webpage

MITRE ATT&CK