Skip to main content

MicrosoftInternet Explorer CSS Handling Code Execution Vulnerability

Last Update Date: 28 Jan 2011 Release Date: 23 Nov 2009 5301 Views

RISK: Medium Risk

A vulnerability has been identified in Microsoft Internet Explorer, which could be exploited by attackers to compromise a vulnerable system. This issue is caused by a dangling pointer in the Microsoft HTML Viewer (mshtml.dll) when retrieving certain CSS/STYLE objects via the "getElementsByTagName()" method, which could allow attackers to crash an affected browser or execute arbitrary code by tricking a user into visiting a malicious web page.

It has confirmed the vulnerability on fully patched Windows XP SP3 systems with Internet Explorer 7 and 6.


Impact

  • Remote Code Execution

System / Technologies affected

  • Microsoft Internet Explorer 7
  • Microsoft Internet Explorer 6

Solutions

There is no patch available for this vulnerability currently.

Workaround :
  • Disable Active Scripting in the Internet and Local intranet security zones.
  • Enable Data Execution Protection (DEP) for Internet Explorer 6 Service Pack 2 or Internet Explorer 7

Vulnerability Identifier


Source


Related Link