• info
• discussion
• exploit
• solution
• references

Microsoft Internet Explorer "CIframeElement" Use After Free Remote Code Execution Vulnerability

Solution:
The vendor has released an advisory and updates. Please see the references for details.


Microsoft Internet Explorer 7.0

• Microsoft Cumulative Security Update for Internet Explorer 7 for Windows Server 2003 (KB2183461)
  http://www.microsoft.com/downloads/details.aspx?FamilyID=8753ae27-60a4 -475a-b8bc-6a7764480295


• Microsoft Cumulative Security Update for Internet Explorer 7 for Windows Server 2003 64-bit Itanium Edition (K
  http://www.microsoft.com/downloads/details.aspx?FamilyID=5e730064-8270 -4d63-b497-c5ebeddea1fc


• Microsoft Cumulative Security Update for Internet Explorer 7 for Windows Server 2003 x64 Edition (KB2183461)
  http://www.microsoft.com/downloads/details.aspx?FamilyID=fd3e9d06-1f8b -4ef7-84f6-61e85a1767b8


• Microsoft Cumulative Security Update for Internet Explorer 7 for Windows XP (KB2183461)
  http://www.microsoft.com/downloads/details.aspx?FamilyID=4b489f8c-ada0 -4051-8284-0a941c04d2ed


• Microsoft Cumulative Security Update for Internet Explorer 7 for Windows XP x64 Edition (KB2183461)
  http://www.microsoft.com/downloads/details.aspx?FamilyID=5296fb82-c446 -4681-a9a0-0f80a2e248be


• Microsoft Cumulative Security Update for Internet Explorer 7 in Windows Server 2008 (KB2183461)
  http://www.microsoft.com/downloads/details.aspx?FamilyID=8239cb9e-bb5a -4157-8038-33d0b329eaee


• Microsoft Cumulative Security Update for Internet Explorer 7 in Windows Server 2008 for Itanium-based Systems
  http://www.microsoft.com/downloads/details.aspx?FamilyID=2f1eee63-2cca -4ec5-b196-36de3c0054cf


• Microsoft Cumulative Security Update for Internet Explorer 7 in Windows Server 2008 x64 Edition (KB2183461)
  http://www.microsoft.com/downloads/details.aspx?FamilyID=5ef8abf0-c89e -4911-8d77-42400d9a398f


• Microsoft Cumulative Security Update for Internet Explorer 7 in Windows Vista (KB2183461)
  http://www.microsoft.com/downloads/details.aspx?FamilyID=535c563e-cdac -4e3d-96b0-9947ea22deca


• Microsoft Cumulative Security Update for Internet Explorer 7 in Windows Vista x64 Edition (KB2183461)
  http://www.microsoft.com/downloads/details.aspx?FamilyID=cd1185e3-ca22 -4197-a53b-e7a2806ac352

Microsoft Internet Explorer 8

• Microsoft Cumulative Security Update for Internet Explorer 8 for Windows Server 2003 (KB2183461)
  http://www.microsoft.com/downloads/details.aspx?familyid=772e765d-0502 -4b0b-bde8-d4f62b96db64


• Microsoft Cumulative Security Update for Internet Explorer 8 for Windows Server 2003 x64 Edition (KB2183461)
  http://www.microsoft.com/downloads/details.aspx?familyid=863edf45-0d3b -4408-a47c-258dc4a4fd94


• Microsoft Cumulative Security Update for Internet Explorer 8 for Windows XP (KB2183461)
  http://www.microsoft.com/downloads/details.aspx?familyid=1662780f-370a -425b-9917-c601eb54a375


• Microsoft Cumulative Security Update for Internet Explorer 8 for Windows XP x64 Edition (KB2183461)
  http://www.microsoft.com/downloads/details.aspx?familyid=f8ae3978-bad6 -4201-8357-2d212ab703ef


• Microsoft Cumulative Security Update for Internet Explorer 8 in Windows 7 (KB2183461)
  http://www.microsoft.com/downloads/details.aspx?familyid=ecaf42e0-a288 -40c1-8602-21e967a87408


• Microsoft Cumulative Security Update for Internet Explorer 8 in Windows 7 x64 Edition (KB2183461)
  http://www.microsoft.com/downloads/details.aspx?familyid=ca57a47a-9111 -4abe-9356-4962ca2c1d65


• Microsoft Cumulative Security Update for Internet Explorer 8 in Windows Server 2008 (KB2183461)
  http://www.microsoft.com/downloads/details.aspx?familyid=409b9298-1e7d -48cf-9872-ffbdc56ebe53


• Microsoft Cumulative Security Update for Internet Explorer 8 in Windows Server 2008 R2 for Itanium-based Syste
  http://www.microsoft.com/downloads/details.aspx?familyid=7b457d04-03a9 -4eb0-ba6a-ab45267e4f74


• Microsoft Cumulative Security Update for Internet Explorer 8 in Windows Server 2008 R2 x64 Edition (KB2183461)
  http://www.microsoft.com/downloads/details.aspx?familyid=e7757bbc-3ef0 -421d-ab57-0083a302c77b


• Microsoft Cumulative Security Update for Internet Explorer 8 in Windows Server 2008 x64 Edition (KB2183461)
  http://www.microsoft.com/downloads/details.aspx?familyid=9b869bab-0797 -4f83-8c64-23dda9983c8d


• Microsoft Cumulative Security Update for Internet Explorer 8 in Windows Vista (KB2183461)
  http://www.microsoft.com/downloads/details.aspx?familyid=2062566b-8b81 -43c2-875d-9c06d4e3fa82


• Microsoft Cumulative Security Update for Internet Explorer 8 in Windows Vista x64 Edition (KB2183461)
  http://www.microsoft.com/downloads/details.aspx?familyid=65b04e29-8e39 -46de-94e8-b653969b1ffd

Microsoft Internet Explorer 6.0

• Microsoft Cumulative Security Update for Internet Explorer for Windows Server 2003 (KB2183461)
  http://www.microsoft.com/downloads/details.aspx?FamilyID=b0370e1e-dedf -4fe8-a06c-0e0f0a674205


• Microsoft Cumulative Security Update for Internet Explorer for Windows Server 2003 64-bit Itanium Edition (KB2
  http://www.microsoft.com/downloads/details.aspx?FamilyID=782e2963-4a52 -4a1d-b99a-34ba841038a7


• Microsoft Cumulative Security Update for Internet Explorer for Windows Server 2003 x64 Edition (KB2183461)
  http://www.microsoft.com/downloads/details.aspx?FamilyID=d92f5e69-43cf -4615-aa3b-41f9f40bb57b


• Microsoft Cumulative Security Update for Internet Explorer for Windows XP (KB2183461)
  http://www.microsoft.com/downloads/details.aspx?FamilyID=bc949915-4e16 -4897-a295-2f99102548ab


• Microsoft Cumulative Security Update for Internet Explorer for Windows XP x64 Edition (KB2183461)
  http://www.microsoft.com/downloads/details.aspx?FamilyID=96b7a562-af16 -4f0d-840c-838fb12e7419