Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems.
All references to DOM button objects are not properly removed when a DOM buttom object is deleted. If the stale references are used, an attempt to access unallocated memory may occur. This results in a use-after-free vulnerability.
Apply the appropriate update referenced in Microsoft Security Bulletin MS13-008.
This exploit has been tested against Microsoft Internet Explorer 8 running on Microsoft Windows XP SP3 English (DEP OptIn) and Microsoft Windows 7 SP1 (DEP OptIn).