New Search

Vulnerability in Vector Markup Language (VML) Could Allow Remote Code Execution

oval:org.mitre.oval:def:1058

Integer overflow in the Vector Markup Language (VML) implementation (vgx.dll) in Microsoft Internet Explorer 5.01 6 and 7 on Windows 2000 SP4 XP SP2 Server 2003 and Server 2003 SP1 allows remote attackers to execute arbitrary code via a crafted web page that contains unspecified integer properties that cause insufficient memory allocation and trigger a buffer overflow aka the "VML Buffer Overrun Vulnerability."

Family:
windows
Status:
ACCEPTED
Platform(s):
  • Microsoft Windows 2000
  • Microsoft Windows XP
  • Microsoft Windows Server 2003
Class:
vulnerability
Reference(s):
  • CVE-2007-0024
Product(s):
  • Microsoft Internet Explorer