SECUNIA ADVISORY ID: SA42510
VERIFY ADVISORY: Secunia.com: http://secunia.com/advisories/42510/
CRITICALITY: Highly Critical
RELEASE DATE: 2010-12-21
DESCRIPTION: A vulnerability has been discovered in Internet Explorer, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to a use-after-free error when processing Cascading Style Sheets (CSS) and can be exploited to dereference freed memory via e.g. a specially crafted CSS file containing multiple import rules. Successful exploitation allows execution of arbitrary code. The vulnerability is confirmed in Internet Explorer 7 and 8 on a fully patched Windows XP SP3 system.
SOLUTION: Do not browse untrusted websites.
PROVIDED AND/OR DISCOVERED BY: sec yun
ORIGINAL ADVISORY: http://www.wooyun.org/bugs/wooyun-2010-0885
Internet Explorer CSS Import Rule Processing Use-After-Free VulnerabilityPosted on Monday, December 20, 2010 @ 20:40:25 CST in Security Associated Topics
  |
Related
![[Valid RSS]](https://www.ravenphpscripts.com/images/valid-rss.png "Validate my RSS feed"){kind=small}
