Microsoft Internet Explorer COM Object Instantiation Variant Memory Corruption Vulnerability
Microsoft Internet Explorer is prone to a memory-corruption vulnerability when instantiating certain COM objects.
Successfully exploiting this issue allows remote attackers to execute arbitrary machine code in the context of the affected application. This facilitates the remote compromise of affected computers.
Internet Explorer 7 on Microsoft Vista is not affected by this issue; Internet Explorer 7 on other Windows versions is affected only if COM objects have been enabled by the ActiveX opt-in feature.
This issue is similar to the ones described in previous COM object instantiation records, but it affects a different set of COM objects.