Internet Explorer CSS clip attribute memory corruption
Added: 11/16/2010CVE: CVE-2010-3962
BID: 44536
OSVDB: 68987
Background
Cascading Style Sheets (CSS) is a simple mechanism for adding style to web documents.Problem
A memory corruption vulnerability allows command execution when a user loads a web page containing a CSS clip attribute with a specific position, causing an invalid flag reference.Resolution
Apply a patch when available. See Microsoft Security Advisory 2458511 for patch information.References
http://secunia.com/advisories/42091Limitations
Exploit works on Internet Explorer 6 on Windows XP SP3 with security update KB2360131, and requires a user to open the exploit page in Internet Explorer.Platforms
Windows XPBack to exploit index