Intrusion Prevention

MS.IE.Button.In.Form.Remote.Code.Execution

Description

This indicates an attack attempt against a Use-After-Free vulnerability in Microsoft Internet Explorer.
The vulnerability is caused by an error when the vulnerable software handles a used element's property. An attacker can exploit this by tricking an unsuspecting user into visiting a malicious webpage and execute arbitrary script code within the context of the application.

Affected Products

Internet Explorer 6
Internet Explorer 7
Internet Explorer 8

Impact

System Compromise: Remote attackers can execute arbitrary script code within the context of the target user's browser.

Recommended Actions

Refer to the vendor's Web site for suggested workaround.
http://technet.microsoft.com/en-us/security/advisory/2794220

CVE References

CVE-2012-4792