Use-after-free vulnerability in Microsoft Internet Explorer 5.01 SP4, 6 through SP1, and 7 allows remote attackers to execute arbitrary code via a crafted data stream that triggers memory corruption, as demonstrated using an invalid MIME-type that does not have a registered handler.
Software | From | Fixed in |
---|---|---|
microsoft / internet_explorer | 6 | 6.x |
microsoft / internet_explorer | 7 | 7.x |
microsoft / ie | 5.01-windows_2000_sp4 | 5.01-windows_2000_sp4.x |
microsoft / ie | 6-windows_server_2003_sp1 | 6-windows_server_2003_sp1.x |
microsoft / ie | 6-windows_server_2003_sp1_itanium | 6-windows_server_2003_sp1_itanium.x |
microsoft / ie | 6-windows_xp_sp2 | 6-windows_xp_sp2.x |
microsoft / ie | 7 | 7.x |
microsoft / ie | 7-windows_server_2003_sp1 | 7-windows_server_2003_sp1.x |
microsoft / ie | 7-windows_xp_sp2 | 7-windows_xp_sp2.x |