|
|
|
|
| |
Credit:
The information has been provided by ling & wushi of team509.
The original article can be found at: http://www.zerodayinitiative.com/advisories/ZDI-09-039
|
| |
Vulnerable Systems:
* Microsoft Internet Explorer 7 and earlier
The specific flaw exists when repeated calls are made to getElementsByTagName() and the reordering of the elements in the document causes an object to be allocated. The use of the event "onreadystatechange" during this operation improperly frees the previously allocated resource. The combination, with repeated page rendering, leads to the exploitable memory corruption.
Patch Availability:
Microsoft has issued an update to correct this vulnerability. More details can be found at:
http://www.microsoft.com/technet/security/bulletin/MS09-019.mspx
CVE Information:
CVE-2009-1531
Disclosure Timeline:
2009-01-26 - Vulnerability reported to vendor
2009-06-10 - Coordinated public release of advisory
|
|
|
|
|
