2 matches found
Integer overflow
Integer underflow in the CDownloadSink class code in the Vector Markup Language VML component VGX.DLL, as used in Internet Explorer 5.01, 6, and 7 allows remote attackers to execute arbitrary code via compressed content with an invalid buffer size, which triggers a heap-based buffer overflow...
CVE-2007-1749
CVE-2007-1749 is a VML/VGX.DLL heap-buffer-overflow remote-code-execution vulnerability in Internet Explorer versions 5.01, 6 and 7 caused by an integer underflow in CDownloadSink::OnDataAvailable when processing compressed VML content. The vulnerability can be triggered by a specially crafted we...