urlmon.dll in Microsoft Internet Explorer 7.0 beta 2 (aka 7.0.5296.0) allows remote malicious users to cause a denial of service (application crash) and possibly execute arbitrary code via a BGSOUND element with its SRC attribute set to "file://" followed by a large number of "-" (dash of hyphen) characters.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
microsoft ie 7.0 |