CVE-2007-3902

2007-12-12T00:46:00
ID CVE-2007-3902
Type cve
Reporter cve@mitre.org
Modified 2018-10-15T21:32:00

Description

Use-after-free vulnerability in the CRecalcProperty function in mshtml.dll in Microsoft Internet Explorer 5.01 through 7 allows remote attackers to execute arbitrary code by calling the setExpression method and then modifying the outerHTML property of an HTML element, one variant of "Uninitialized Memory Corruption Vulnerability."