1. Skip to navigation
  2. Skip to content
  3. Skip to secondary-content




Microsoft Internet Explorer Two Code Execution Vulnerabilities

Report ID: SA200900739
Source: Secunia
Date of Discovery: 10.02.2009
Criticality: Urgent
Affects:
Microsoft Internet Explorer 7.x

Compromise From: From remote
Compromise Type: System access

Summary

Two vulnerabilities have been reported in Microsoft Internet Explorer, which can be exploited by malicious people to compromise a user's system.

Detailed Description

1) An unspecified error exists due to the use of a previously deleted object. This can be exploited to corrupt memory and execute arbitrary code when a user e.g. visits a malicious web site.

2) An unspecified error exists within the handling of Cascading Style Sheets (CSS). This can be exploited to cause a memory corruption and execute arbitrary code when a user e.g. visits a specially crafted web site.