There are three vulnerabilities for Internet Explorer 7 at this time.
Integer overflow in Microsoft Internet Explorer 6 on Windows XP SP2 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a 0x7fffffff argument to the setSlice method on a WebViewFolderIcon ActiveX object, which leads to an invalid memory copy.
It can can result in a DoS attack on any server that is using a version of openssl
(does not affect openssl versions earlier then 0.9.7). They have
patched openssl and released 0.9.7l and 0.9.8d.