Intrusion Prevention

MS.IE.CreateElement.Memory.Corruption

Description

This indicates an attempt to exploit a memory-corruption vulnerability in Windows Internet Explorer.
This issue is caused by an error when the vulernable software handles a script that includes misuse of the "createElement" method.It may allow remote attackers to execute arbitrary code or crash the vulnerable software by sending a specially crafted web page.

Affected Products

Internet Explorer 6
Internet Explorer 7

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Currently we are not aware of any officially supplied patch for this issue.