فا

‫ Microsoft Internet Explorer "display:run-in" Use-After-Free Arbitrary Code Execution Vulnerability

ID: IRCAD2014123668
Release Date: 2014-12-08
Criticality level: Highly critical
Software:
Microsoft Internet Explorer 9.x
Description:
A vulnerability has been reported in Microsoft Internet Explorer, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to a use-after-free error when handling CElement objects and can be exploited to cause memory corruption via a specially crafted HTML element with "display:run-in" style applied.
Successful exploitation of this vulnerability may allow execution of arbitrary code.
Solution
No official solution is currently available.
References:
Secunia:

نظرات

بدون نظر
شما برای نظر دادن باید وارد شوید

نوشته

 
تاریخ ایجاد: 21 آذر 1393

امتیاز

امتیاز شما
تعداد امتیازها: 0