Patch Repository

MS07-016 Bulletin Details
Bulletin ID MS07-016
Title Cumulative Security Update for Internet Explorer (928090)
Summary COM Object Instantiation Memory Corruption Vulnerability - CVE-2006-4697:
A remote code execution vulnerability exists in the way Internet Explorer instantiates COM objects that are not intended to be instantiated in Internet Explorer. An attacker could exploit the vulnerability by constructing a specially crafted Web page that could potentially allow remote code execution if a user viewed the Web page. An attacker who successfully exploited this vulnerability could take complete control of an affected system.

COM Object Instantiation Memory Corruption Vulnerability - CVE-2007-0219:
A remote code execution vulnerability exists in the way Internet Explorer instantiates COM objects that are not intended to be instantiated in Internet Explorer. An attacker could exploit the vulnerability by constructing a specially crafted Web page that could potentially allow remote code execution if a user viewed the Web page. An attacker who successfully exploited this vulnerability could take complete control of an affected system.

FTP Server Response Parsing Memory Corruption Vulnerability - CVE-2007-0217:
A remote code execution vulnerability exists in the way Internet Explorer interprets certain responses from FTP servers. An attacker could exploit the vulnerability by sending specially crafted FTP responses in an FTP session to the FTP client included in Internet Explorer. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Knowledgebase 928090

List of Patches

S.No Patch Description Severity
1Cumulative Security Update for Internet Explorer for Windows Server 2003 (KB972260)Critical

Disclaimer: This webpage is intended to provide you information about patch announcement for certain specific software products. The information is provided "As Is" without warranty of any kind. The links provided point to pages on the vendors websites. You can get more information by clicking the links to visit the relevant pages on the vendors website.