Microsoft Internet Explorer Malformed CSS Memory Corruption Vulnerability

ID ZDI-09-012
Type zdi
Reporter Sam Thomas of
Modified 2009-11-09T00:00:00


This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page.

The specific flaw exists when processing, in XHTML strict mode, a CSS stylesheet containing a specific combination of style directives one of which must be a 'zoom'. The fault in processing results in a memory corruption vulnerability which can be leveraged to execute arbitrary code under the context of the current user.