Intrusion Prevention

MS.IE.CSS.Overlapping.Nested.Tags

Description

This indicates an attack attempt against a memory-corruption vulnerability in
Microsoft Internet Explorer.
The vulnerability is caused by an error when the vulnerable software handles
overlapping nested CSS tags. It may allow a remote attacker to execute
arbitrary code via sending a crafted web page.

Affected Products

Internet Explorer 5.01
Internet Explorer 6
Internet Explorer 6 Service Pack 1
Internet Explorer 7
Internet Explorer 8

Impact

Remote attackers can crash vulnerable software or may remotely execute arbitrary code.

Recommended Actions

Apply the patch, available from the vendor's website:
http://www.microsoft.com/technet/security/Bulletin/MS10-018.mspx

CVE References

CVE-2010-0807