Pointer Reference Memory Corruption VulnerabilityID: oval:org.mitre.oval:def:6007 | Date: (C)2009-02-10 (M)2022-10-10 |
Class: VULNERABILITY | Family: windows |
Use-after-free vulnerability in mshtml.dll in Microsoft Internet Explorer 5.01, 6, and 7 on Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote attackers to execute arbitrary code via a crafted XML document containing nested SPAN elements, as exploited in the wild in December 2008.
Platform: |
Microsoft Windows 2000 |
Microsoft Windows XP |
Microsoft Windows Server 2003 |
Microsoft Windows Vista |
Microsoft Windows Server 2008 |
Product: |
Microsoft Internet Explorer |