Vulnerability in N/a
CVE-2007-3027
Race condition in Microsoft Internet Explorer 5.01, 6, and 7 allows remote attackers to execute arbitrary code by causing Internet Explorer to install multiple language packs in a way that triggers memory corruption, aka "Language Pack Ins…
EPSS: 0.531 (98.0th percentile) — read the EPSS interpretation.
Affected products
- N/a — versions n/a
References
- 20070612 ZDI-07-037: Microsoft Internet Explorer Language Pack Installation Remote Code Execution Vulnerability (mailing-list, x_refsource_BUGTRAQ)
- 25627 (x_refsource_SECUNIA, third-party-advisory)
- SSRT071438 (x_refsource_HP, vendor-advisory)
- 1018235 (vdb-entry, x_refsource_SECTRACK)
- 24429 (vdb-entry, x_refsource_BID)
- ADV-2007-2153 (vdb-entry, x_refsource_VUPEN)
- TA07-163A (x_refsource_CERT, third-party-advisory)
- 35350 (x_refsource_OSVDB, vdb-entry)
- ie-language-code-execution(34621) (vdb-entry, x_refsource_XF)
- www.zerodayinitiative.com/advisories/ZDI-07-037.html (x_refsource_MISC)