|CVSS SCORE||6.8, (AV:N/AC:M/Au:N/C:P/I:P/A:P)|
The specific flaw exists within the parsing of style tags. By nesting a specific style tag within another, an attacker is able to cause a pointer to be used after the underlying object has been freed. This could be used to execute arbitrary code in the context of the current user.
Microsoft has issued an update to correct this vulnerability. More details can be found at: