VYPR
Unrated severityNVD Advisory· Published May 8, 2007· Updated Jun 16, 2026

CVE-2007-0942

CVE-2007-0942

Description

Microsoft Internet Explorer 5.01 SP4 on Windows 2000 SP4; 6 SP1 on Windows 2000 SP4; 6 and 7 on Windows XP SP2, or Windows Server 2003 SP1 or SP2; and possibly 7 on Windows Vista does not properly "instantiate certain COM objects as ActiveX controls," which allows remote attackers to execute arbitrary code via a crafted COM object from chtskdic.dll.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

5
  • cpe:2.3:a:microsoft:ie:6.0:sp1:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:internet_explorer:5.0.1:sp4:*:*:*:*:*:*+ 3 more
    • cpe:2.3:a:microsoft:internet_explorer:5.0.1:sp4:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:6.0:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:7.0:*:*:*:*:*:*:*
    • (no CPE)range: 5.01 SP4, 6 SP1, 6, 7

Patches

Vulnerability mechanics

References

9

News mentions

0

No linked articles in our index yet.