[SingCERT] Microsoft Internet Explorer CSS Parsing Remote Memory Corruption Vulnerability
- Published on Friday, 24 December 2010 14:49
[ Summary ]
Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability.
This issue occurs when parsing cascading style sheet (CSS) expressions in web pages. Specifically, the issue is triggered when specially crafted '@import url()' statements are parsed, which may result in a use-after-free condition within the "mshtml.dll" library. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.
Proof-of-concept and exploit code is available.
[ Affected Systems ]
Internet Explorer versions 6 and 8 are vulnerable.
[ Impact Analysis ]
Successfully exploiting this issue may allow attackers to execute arbitrary code in the context of the application. Failed exploit attempts will result in denial-of-service conditions.
[ Solution/Workaround ]
No solution is available at this moment.
Run all software as a non-privileged user with minimal access rights.
To reduce the impact of latent vulnerabilities, always run non-administrative software as an unprivileged user with minimal access rights.
[ Reference ]