Microsoft Internet Explorer contains a use-after-free vulnerability in the handling of CSS, which may allow a remote, unauthenticated attacker to execute arbitrary code.
Microsoft Internet Explorer contains a vulnerability caused by a use-after-free error within the mshtml.dll library. This vulnerability can be exploited when processing a web page referencing a Cascading Style Sheet (CSS) file that includes various @import rules. We have confirmed that Internet Explorer 6, 7, and 8 are affected.
Exploit code for this vulnerability is publicly available.
By convincing a user to view a specially crafted HTML document (e.g., a web page or an HTML email message or attachment), an attacker may be able to execute arbitrary code with the privileges of the user.
Apply an update
Enable Data Execution Prevention (DEP) on Internet Explorer
WooYun publicly reported this vulnerability.
This document was written by Michael Orlando.
|Date First Published:||2010-12-13|
|Date Last Updated:||2011-02-08 18:25 UTC|