Intrusion Prevention



This indicates an attack attempt against a memory-corruption vulnerability in
Microsoft Internet Explorer.
The vulnerability is caused by an error when the vulnerable software handles
overlapping nested CSS tags. It may allow a remote attacker to execute
arbitrary code via sending a crafted web page.

Affected Products

Internet Explorer 5.01
Internet Explorer 6
Internet Explorer 6 Service Pack 1
Internet Explorer 7
Internet Explorer 8


Remote attackers can crash vulnerable software or may remotely execute arbitrary code.

Recommended Actions

Apply the patch, available from the vendor's website:

CVE References