CVE-2010-1262

Name of the Vulnerable Software and Affected Versions Microsoft Internet Explorer versions 6 SP1 through 8

Description A remote code execution issue exists due to improper initialization or deletion of an object, leading to memory corruption. This is related to the CStyleSheet object and the free of the root container. An attacker could exploit this by constructing a specially crafted Web page, potentially allowing remote code execution when a user views the page. If successfully exploited, an attacker could gain the same user rights as the logged-on user, and if the user has administrative rights, the attacker could take complete control of the system.

Recommendations For Microsoft Internet Explorer versions 6 SP1 through 8, update to a version that is not affected by this issue to prevent remote code execution. As a temporary workaround, consider restricting access to Web pages from untrusted sources to minimize the risk of exploitation.