Microsoft Internet Explorer 'Style' Object Remote Code Execution Vulnerability

Microsoft Internet Explorer 'Style' Object Remote Code Execution Vulnerability

A poof of concept ('37085-2.html') and exploit ('37085.html') are available.

UPDATE: Symantec has verified that the available exploit is functional but not very reliable. However, the exploit code could be modified to be more reliable.

A working commercial exploit is available through VUPEN Security - Exploit and PoCs Service. This exploit is not otherwise publicly available or known to be circulating in the wild.

A Metasploit framework exploit module ('37085.rb') is available.

/data/vulnerabilities/exploits/37085.rb
/data/vulnerabilities/exploits/37085.html
/data/vulnerabilities/exploits/37085-2.html