Description: This module exploits a use-after-free vulnerability in Internet Explorer. The
vulnerability occurs when an invalid tag exists and other elements overlap/cover
where the object tag should be when rendered (due to their styles/positioning). The
mshtml!CObjectElement is then freed from memory because it is invalid. However, the
mshtml!CDisplay object for the page continues to keep a reference to the freed and
37 attempts to call a function on it, leading to the use-after-free
Tags: metasploit ,
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.