Internet Explorer CVE-2010-0249 'srcElement()' Remote Code Execution Vulnerability

Internet Explorer CVE-2010-0249 'srcElement()' Remote Code Execution Vulnerability

References:

21.01.10 Internet Explorer CVE-2010-0249 Remote Code Execution Vulnerability (BugSec)
Advisory 979352 Update for Monday January 18 (Microsoft)
ASLR+DEP = no problem. :> (Dave Aitel)
Avaya Enterprise (Fomerly Nortel Enterprise) Response to Microsoft Security Bull (Nortel Networks)
Further Insight into Security Advisory 979352 and the Threat Landscape (Microsoft)
Internet Explorer Homepage (Microsoft)
Reproducing the 'Aurora' IE Exploit (Metasploit)
Security Advisory 979352 â?? Going out of Band (Microsoft Security Response Center)
Security Advisory 979352 Released (Microsoft Security Response Center)
ASA-2010-018 MS10-002 Cumulative Security Update for Internet Explorer (978207) (Avaya)
Microsoft Security Advisory (979352) Vulnerability in Internet Explorer Could Al (Microsoft)
Microsoft Security Bulletin MS10-002 (Microsoft)
Vulnerability Note VU#492515 Microsoft Internet Explorer allows remote code exec (US-CERT)

Privacy Statement
Copyright 2010, SecurityFocus