Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems.
A vulnerability in Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code in the context of the logged-in user when the user loads a specially crafted web page. The vulnerability is due to a use after free error when handling the
**CParaElement** node of the
Apply the updates identified in MS Bulletin MS13-009.
This exploit was tested against Internet Explorer 8 on Microsoft Windows XP SP3 English with DEP OptIn.
The user must open the exploit in Internet Explorer 8.