Intrusion PreventionMS.IE.COM.Object.Instantiation.Code.Execution
Description
This indicates an attack attempt against a remote code execution vulnerability in Internet Explorer.
The vulnerability is caused by an error when Internet Explorer instantiates COM objects that are not intended to be instantiated in Internet Explorer. It may allow a remote attacker to execute arbitrary code via a specially crafted Web page.
Affected Products
Microsoft Internet Explorer 5.01 Service Pack 4 on Windows 2000 Service Pack 4
Microsoft Internet Explorer 6 Service Pack 1 on Windows 2000 Service Pack 4
Microsoft Internet Explorer 6 for Windows XP Service Pack 2
Microsoft Internet Explorer 6 for Windows XP Professional x64 Edition
Microsoft Internet Explorer 6 for Windows Server 2003
Microsoft Internet Explorer 6 for Windows Server 2003 SP1
Microsoft Internet Explorer 6 for Windows Server 2003 (Itanium)
Microsoft Internet Explorer 6 for Windows Server 2003 SP1 (Itanium)
Microsoft Internet Explorer 6 for Windows Server 2003 x64 Edition
Microsoft Windows Internet Explorer 7 for Windows XP Service Pack 2
Microsoft Windows Internet Explorer 7 for Windows XP Professional x64 Edition
Microsoft Windows Internet Explorer 7 for Windows Server 2003 Service Pack 1
Microsoft Windows Internet Explorer 7 for Windows Server 2003 SP1 (Itanium)
Microsoft Windows Internet Explorer 7 for Windows Server 2003 x64 Edition
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply patch, available from the web site:
http://www.microsoft.com/technet/security/bulletin/ms07-016.mspx
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
| ID | 14147 |
| Created | Feb 14, 2007 |
| Updated | Jan 13, 2022 |
| Risk |
|
| CVE ID | CVE-2007-0219 |
| Exploit Prediction Score | 87.47% |
| Default Action | drop |
| Active | |
| Affected OS | Windows |
| Affected App | IE |