Zero Day Initiative Advisory 10-014 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the handling of cloned DOM objects in JavaScript. A specially crafted sequence of object cloning can result in the use of a pointer after it has been freed. Successful exploitation can lead to remote system compromise under the credentials of the currently logged in user.
e7ecf92872acf5177e227d4baeb77c6c1934f8cab6c05e05cae1e16f7a0e89a1