Microsoft Internet Explorer CSS Import Use-After-Free Code Execution

Added: 12/22/2010
CVE: CVE-2010-3971
BID: 45246
OSVDB: 69796

Background

Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems. Cascading Style Sheets (CSS) is a simple mechanism for adding style to web documents.

Problem

Microsoft Internet Explorer is vulnerable to a use-after-free memory corruption vulnerability due to the way mshtml.dll handles CSS files with multiple import statements.

Resolution

Apply the patch referenced in Microsoft Security Advisory 2488013 when it becomes available.

References

http://secunia.com/advisories/42510

Limitations

Exploit works on Microsoft Internet Explorer 8 on Windows XP SP3.

The user must open a specially crafted CSS file in Internet Explorer 8.

Platforms

Windows XP

Back to exploit index