CVE-2007-0099

CVE Database · CVE-2007-0099

CVE-2007-0099

· N/AModified

CVSS v3.1

N/A

EPSS

24.89%

Published

Jan 8, 2007

Modified

Apr 22, 2026

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Race condition in the msxml3 module in Microsoft XML Core Services 3.0, as used in Internet Explorer 6 and other applications, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via many nested tags in an XML document in an IFRAME, when synchronous document rendering is frequently disrupted with asynchronous events, as demonstrated using a JavaScript timer, which can trigger NULL pointer dereferences or memory corruption, aka "MSXML Memory Corruption Vulnerability."

Weaknesses (CWE)

CWE-362

Affected Products (2)

microsoft · xml_core_servicesvulnerable

microsoft · internet_explorervulnerable

References (20)

http://archives.neohapsis.com/archives/fulldisclosure/2007-01/0113.html

http://isc.sans.org/diary.php?storyid=2004

http://marc.info/?l=bugtraq&m=122703006921213&w=2

http://osvdb.org/32627

http://seclists.org/fulldisclosure/2007/Jan/0110.html

http://secunia.com/advisories/23655