Internet Explorer CSS Tag Parsing Code Execution Vulnerability |
---|
Description
A vulnerability has been reported in Internet Explorer, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to insufficient memory being allocated to store a certain combination of CSS (Cascading Style Sheets) tags. This can be exploited to overwrite a byte in a virtual table pointer and call into user-controlled data in memory via a specially crafted web page. Successful exploitation allows execution of arbitrary code. NOTE: The vulnerability is currently being actively exploited.
Solution
Provided and/or discovered by
Other references
Deep Links |