CVE-2008-4844

Name of the Vulnerable Software and Affected Versions Microsoft Internet Explorer versions 5.01 through 7

Description The issue is related to a use-after-free vulnerability in the CRecordInstance::TransferToDestination function, allowing remote attackers to execute arbitrary code via crafted HTML or XML documents. This can be achieved through DSO bindings involving XML Island, XML DSOs, or Tabular Data Control (TDC), as demonstrated by nested SPAN or MARQUEE elements. The vulnerability was exploited in the wild in December 2008. It is also described as an invalid pointer reference in the data binding function, which can cause Internet Explorer to exit unexpectedly and potentially allow remote code execution when a user views a specially crafted Web page.

Recommendations For Microsoft Internet Explorer versions 5.01 through 7, consider disabling data binding as a temporary workaround until a patch is available. Restrict access to potentially vulnerable components, such as XML Island, XML DSOs, or Tabular Data Control (TDC), to minimize the risk of exploitation. Avoid using nested SPAN or MARQUEE elements in HTML or XML documents until the issue is resolved.