MS.IE.Chtskdic.Dll.COM.Object.Instantiation.Memory.Corruption

description-logoDescription

This indicates an attempt to exploit a vulnerability in Microsoft Internet Explorer that may allow an attacker to cause a denial of service or execute arbitrary code.
The vulnerability is caused by memory corruption that occurs when an HTML document causes Internet Explorer to instantiate certain COM objects as ActiveX controls from chtskdic.dll. It allows remote attackers to crash IE or execute arbitrary code, by tricking a user into visiting a specially crafted web page.

affected-products-logoAffected Products

Internet Explorer 6.0
IE 6.0 for Windows 2003
IE 7.0

Impact logoImpact

Denial of service.
System Compromise: remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Apply patch,available from the web site.
http://www.microsoft.com/technet/security/bulletin/ms07-027.mspx

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)