Intrusion Prevention

MS.IE.HTML.Objects.Script.Errors.Code.Execution

Description

This indicates an attack attempt to exploit a vulnerability in Microsoft Internet Explorer.
The vulnerability is caused by a failure to correctly handle script errors which can result in accessing deallocated memory. It may allow remote attackers to execute arbitrary code by sending crafted HTML objects in a web page.

Affected Products

Microsoft Internet Explorer 7 on Windows XP SP2, Windows Server 2003 SP1 or SP2, or Windows Vista.

Impact

Denial of Services
Arbitrary code execution

Recommended Actions

Apply patches (see the Microsoft security bulletin for details).
http://www.microsoft.com/technet/security/Bulletin/MS07-027.mspx

CVE References

CVE-2007-0947