Vulnerability Note VU#634956
Microsoft Internet Explorer CSS use-after-free vulnerability
Microsoft Internet Explorer contains a use-after-free vulnerability in the handling of CSS, which may allow a remote, unauthenticated attacker to execute arbitrary code.
Microsoft Internet Explorer contains a vulnerability caused by a use-after-free error within the mshtml.dll library. This vulnerability can be exploited when processing a web page referencing a Cascading Style Sheet (CSS) file that includes various @import rules. We have confirmed that Internet Explorer 6, 7, and 8 are affected.
Exploit code for this vulnerability is publicly available.
By convincing a user to view a specially crafted HTML document (e.g., a web page or an HTML email message or attachment), an attacker may be able to execute arbitrary code with the privileges of the user.
Apply an update
Enable Data Execution Prevention (DEP) on Internet Explorer
Vendor Information (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|Microsoft Corporation||Affected||13 Dec 2010||08 Feb 2011|
CVSS Metrics (Learn More)
WooYun publicly reported this vulnerability.
This document was written by Michael Orlando.
- CVE IDs: CVE-2010-3971
- Date Public: 10 Dec 2010
- Date First Published: 13 Dec 2010
- Date Last Updated: 08 Feb 2011
- Severity Metric: 14.65
- Document Revision: 29
If you have feedback, comments, or additional information about this vulnerability, please send us email.