Release DateJan 12, 2010 |
Severitycritical |
ImpactSystem Compromise |
DescriptionThis indicates an attack attempt against a memory-corruption vulnerability in Microsoft Internet Explorer.The vulnerability is caused by an error when the vulnerable software handles a specially crafted CSS style object. It allows a remote attacker to execute arbitrary code. |
Affected ProductsMicrosoft Internet Explorer 6Microsoft Internet Explorer 7 |
Recommended ActionsApply the patch supplied by the vendor:http://www.microsoft.com/technet/security/bulletin/ms09-072.mspx |
Coverage IPS
VCM |
Common Vulnerabilities and Exposures (CVE)CVE-2009-3672 |
Reference/shttp://www.vupen.com/english/advisories/2009/3301http://www.microsoft.com/technet/security/Bulletin/MS09-072.mspx (MS-ID) http://www.securityfocus.com/bid/37085 (BugTraq) |
