[Full-disclosure] MSIE (mshtml.dll) OBJECT tag vulnerability
Perhaps not surprisingly, there appears to be a vulnerability in how Microsoft Internet Explorer handles or fails to handle certain combinations of nested OBJECT tags. This was tested with MSIE 6.0.2900.2180.xpsp.040806-1825 and mshtml.dll 6.00.2900.2873 xpspsp2gdr.060322-1613. At first sight, th...