Microsoft Internet Explorer CDwnBindInfo Object Reuse Flaw Lets Remote Users Execute Arbitrary Code
Version(s): 6, 7, 8
A vulnerability was reported in Microsoft Internet Explorer. A remote user can cause arbitrary code to be executed on the target user's system.
A remote user can create specially crafted HTML that, when loaded by the target user, will trigger a memory corruption error and execute arbitrary code on the target system. The code will run with the privileges of the target user.
Microsoft Internet Explorer 9 and Internet Explorer 10 are not affected.
This vulnerability is being actively exploited against Internet Explorer 8.
A remote user can create HTML that, when loaded by the target user, will execute arbitrary code on the target user's system.
No solution was available at the time of this entry.