CVE-2007-1751

Microsoft Internet Explorer 5.01, 6, and 7 - Remote Code Execution via Uninitialized Object Access

Title source: llm
STIX 2.1

Description

Microsoft Internet Explorer 5.01, 6, and 7 allows remote attackers to execute arbitrary code by causing Internet Explorer to access an uninitialized or deleted object, related to prototype variables and table cells, aka "Uninitialized Memory Corruption Vulnerability."

References (12)

Core 12
Core References
Broken Link vdb-entry x_refsource_osvdb
http://osvdb.org/35351
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/34626
Third Party Advisory, VDB Entry x_refsource_misc
http://www.zerodayinitiative.com/advisories/ZDI-07-038.html
Broken Link, Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/25627
Broken Link, Third Party Advisory, VDB Entry vendor-advisory x_refsource_hp
http://www.securityfocus.com/archive/1/471947/100/0/threaded
Broken Link, Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/471210/100/0/threaded
Broken Link, Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1018235
Broken Link, Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/24418
Broken Link, Vendor Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2007/2153
Third Party Advisory, US Government Resource third-party-advisory x_refsource_cert
http://www.us-cert.gov/cas/techalerts/TA07-163A.html
Patch, Vendor Advisory vendor-advisory x_refsource_ms
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-033

Scores

EPSS 0.6084
EPSS Percentile 99.0%

Details

CWE
CWE-908
Status published
Products (3)
microsoft/internet_explorer 5.01 sp4
microsoft/internet_explorer 6 sp1 (2 CPE variants)
microsoft/internet_explorer 7.0
Published Jun 12, 2007
Tracked Since Feb 18, 2026