MS.IE.HTML.Object.Memory.Corruption

Last Updated Date	Mar 09, 2010
Release Date	Jan 12, 2010
Severity	Critical
Impact	System Compromise
Description	This indicates an attack attempt against a memory-corruption vulnerability in Microsoft Internet Explorer. The vulnerability is caused by an error when the vulnerable software handles a specially crafted CSS style object. It allows a remote attacker to execute arbitrary code.
Affected Products	Microsoft Internet Explorer 6 Microsoft Internet Explorer 7
Recommended Actions	Apply the patch supplied by the vendor: http://www.microsoft.com/technet/security/bulletin/ms09-072.mspx
Common Vulnerabilities and Exposures (CVE)	http://cve.mitre.org/cgi-bin/cvename.cgi?name=2009-3672
Microsoft Bulletin ID	MS09-072 http://www.microsoft.com/technet/security/Bulletin/MS09-072.mspx
Reference/s	http://www.securityfocus.com/bid/37085 (BugTraq) http://www.vupen.com/english/advisories/2009/3301

Reference: VID-18021