CVE-2009-0076

Name of the Vulnerable Software and Affected Versions Microsoft Internet Explorer version 7

Description A remote code execution issue exists in the way Internet Explorer handles Cascading Style Sheets (CSS). This could be exploited by an attacker constructing a specially crafted Web page, potentially allowing remote code execution when a user views the page. The attacker could gain the same user rights as the logged on user. The issue is related to the use of the zoom style directive in conjunction with other directives in a malformed CSS stylesheet in a crafted HTML document.

Recommendations For Microsoft Internet Explorer version 7, consider restricting access to crafted Web pages that utilize malicious CSS stylesheets until a patch is available. As a temporary workaround, avoid using Internet Explorer to view untrusted Web pages.