Use-after-free vulnerability in Microsoft Internet Explorer 6 through 11 allows remote malicious users to execute arbitrary code via crafted JavaScript code that interacts improperly with a CollectGarbage function call on a CMarkup object allocated by the CMarkup::CreateInitialMarkup function.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
microsoft internet explorer 10 |
||
microsoft internet explorer 11 |
||
microsoft internet explorer 8 |
||
microsoft internet explorer 9 |
||
microsoft internet explorer 6 |
||
microsoft internet explorer 7 |
Microsoft fixes a smaller set of software product code this month for “Critical” vulnerabilities, and a handful for “Important” fixes with MS014-030 through MS014-036. But whoa, almost 60 remote code execution flaws exist in the six versions of Internet Explorer and the Microsoft components that render fonts on your system! Not only is that a very long list of memory corruption issues, but one of the IE bug reports, credited to Peter Van Eeckhoutte, is over 180 days old. The fix and te...