Intrusion Prevention



This indicates an attack attempt against a remote Code Execution vulnerability in Internet Explorer.
The vulnerability is caused by an uninitialized pointer in the structure for variant types. It can be exploited through a specially crafted web page using the "htmlfile" ActiveX object.

Affected Products

Internet Explorer 6
Internet Explorer 7
Internet Explorer 8
Internet Explorer 9


System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply the patch, available from the following web site:

CVE References