Use-after-free vulnerability in Microsoft Internet Explorer 6 SP1, 6 SP2, and and 7 allows remote attackers to execute arbitrary code by assigning malformed values to certain properties, as demonstrated using the by property of an animateMotion SVG element, aka "Property Memory Corruption Vulnerability."

Threat-Mapped Scoring

Score: 1.8

Priority: P4 - Informational (Low)

• S9 – Sabotage of System/App

EPSS

Score: 0.65009
Percentile: 0.98372

CVSS Scoring

Mapped CWE(s)

• CWE-416 : Use After Free

Affected Products

• cpe:2.3:a:microsoft:internet_explorer:6:sp1:*:*:*:*:*:*
• cpe:2.3:a:microsoft:internet_explorer:6:*:*:*:*:*:*:*
• cpe:2.3:a:microsoft:internet_explorer:7:*:*:*:*:*:*:*

← Back to Home