CVE-2007-3902

2007-12-11T19:46:00
ID CVE-2007-3902
Type cve
Reporter NVD
Modified 2017-09-28T21:29:09

Description

Use-after-free vulnerability in the CRecalcProperty function in mshtml.dll in Microsoft Internet Explorer 5.01 through 7 allows remote attackers to execute arbitrary code by calling the setExpression method and then modifying the outerHTML property of an HTML element, one variant of "Uninitialized Memory Corruption Vulnerability."