Microsoft Internet Explorer Remote Code Execution Exploit (DEP and ASLR Bypass)

Summary

Microsoft Internet Explorer prone to remote code execution vulnerability

Credit:

The information has been provided by FaryadR (a.k.a Ciph3r).


Details

Vulnerable Systems:
 * Microsoft Internet Explorer 6 through 8

The Timed Interactive Multimedia Extensions (aka HTML+TIME) implementation in Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory,which allows remote attackers to execute arbitrary code by accessing an object that was not properly initialized or is deleted, aka ‘Time Element Memory Corruption Vulnerability.

CVE Information:
2011-1255

Disclosure Timeline:
Published: 2012-08-16

Categories: Windows