=====================================================================
                                   CERT-Renater

                        Note d'Information No. 2007/VULN356
_____________________________________________________________________

DATE                      : 16/08/2007

HARDWARE PLATFORM(S)      : /

OPERATING SYSTEM(S)       : Internet Explorer

======================================================================

MS07-050 - Vulnerability in Vector Markup Language Could Allow Remote
Code Execution (938127)

Original Bulletin:
  http://www.microsoft.com/technet/security/bulletin/ms07-050.mspx

Affected Software:

   Microsoft Internet Explorer 5.01
   Microsoft Internet Explorer 6
   Windows Internet Explorer 7

Vulnerability Details:

VML Buffer Overrun Vulnerability - CVE-2007-1749

   A remote code execution vulnerability exists in the Vector Markup
Language (VML) implementation in Microsoft Windows. An attacker could
exploit the vulnerability by constructing a specially crafted Web page
or HTML e-mail. When a user views the Web page or the message, the
vulnerability could allow remote code execution.


======================================================================

          =========================================================
          Les serveurs de référence du CERT-Renater
          http://www.urec.fr/securite
          http://www.cru.fr/securite
          http://www.renater.fr
          =========================================================
          + CERT-RENATER          | tel : 01-53-94-20-44          +
          + 151 bd de l'Hopital   | fax : 01-53-94-20-41          +
          + 75013 Paris           | email: certsvp@renater.fr     +
          =========================================================