A heap overflow exists in Internet Explorer. The handling of document objects may cause the document model in memory to become unstable resulting in a heap overflow. With a specially crafted web page, a remote attacker can cause arbitrary code execution resulting in a loss of integrity.
Microsoft has released a patch to address this issue.
Microsoft IE 6 & 7 Element Tag Uninitialized Memory Corruption
Secunia Advisory ID:28036 Related OSVDB ID: 39118 Related OSVDB ID: 39119 Related OSVDB ID: 39121 Other Advisory URL: http://www.zerodayinitiative.com/advisories/ZDI-07-075.html Microsoft Security Bulletin: MS07-069 Microsoft Knowledge Base Article: 942615 Mail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2007-12/0307.html Keyword: Tipping Point IPS ID 5822 CVE-2007-5344