First published: Tue Jun 12 2007(Updated: )
Race condition in Microsoft Internet Explorer 5.01, 6, and 7 allows remote attackers to execute arbitrary code by causing Internet Explorer to install multiple language packs in a way that triggers memory corruption, aka "Language Pack Installation Vulnerability."
Credit: secure@microsoft.com
Affected Software | Affected Version | How to fix |
---|---|---|
Microsoft Windows 2000 | =sp4 | |
Internet Explorer | =5.01-sp4 | |
Internet Explorer | =6-sp1 | |
Microsoft Windows Server 2003 | =sp1 | |
Microsoft Windows Server 2003 | =sp2 | |
Microsoft Windows XP | ||
Microsoft Windows XP | =sp2 | |
Microsoft Windows XP | =sp2 | |
Internet Explorer | =6 | |
Internet Explorer | =7.0 | |
Microsoft Windows Server 2003 | ||
Microsoft Windows Server 2003 | =sp2 | |
Microsoft Windows Server 2003 | =sp1 | |
Microsoft Windows Server 2003 | =sp2 | |
Microsoft Windows Vista | =gold | |
Microsoft Windows Vista | =gold |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2007-3027 is considered a critical vulnerability due to its potential to allow remote code execution.
To fix CVE-2007-3027, users should apply the latest security updates provided by Microsoft for Internet Explorer.
CVE-2007-3027 affects Microsoft Internet Explorer versions 5.01, 6, and 7 on various Windows operating systems.
Yes, CVE-2007-3027 can be exploited remotely, allowing attackers to execute arbitrary code on affected systems.
Exploitation of CVE-2007-3027 can lead to memory corruption and may allow attackers to install malicious software or take control of the affected system.