| CVE Number | Vulnerability | Product | Severity | Date |
|---|---|---|---|---|
| MS07-050 | Vulnerability in Vector Markup Language Could Allow Remote Code Execution (938127) | Microsoft Internet | Critical | 16-08-2007 |
Technical Information
Brief overview of the risk:
This security update resolves a privately reported vulnerability in the Vector Markup Language (VML) implementation in Windows. The vulnerability could allow remote code execution if a user viewed a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Detailed Information on the risk:
A remote code execution vulnerability exists in the Vector Markup Language (VML) implementation in Microsoft Windows. An attacker could exploit the vulnerability by constructing a specially crafted Web page or HTML e-mail. When a user views the Web page or the message, the vulnerability could allow remote code execution.Further information on this exploit is available at : MS07-050
Affected Software
Microsoft Internet Explorer 5.01 Service Pack 4Microsoft Internet Explorer 6
Microsoft Internet Explorer 7