|
|
|||
Release Date:2010/03/18
Attack Name:WEB-CLIENT Internet Explorer Data Binding Memory Corruption exploit
Severity:
BUG ID:
CVE ID:
| Description:
|
A use-after-free flaw exists in Internet Explorer. The data binding function fails to update the array length after releasing an object resulting in access to the deleted object's memory space. With a specially crafted web page, a context dependent attacker can cause arbitrary code execution resulting in a loss of integrity.
Impact:Remote code execution
Affected System:Windows
Additional References:bid:32721
| Solution:
|
Update vendor's patch.