|CVSS SCORE||4.3, (AV:N/AC:M/Au:N/C:P/I:N/A:N)|
The vulnerability relates to how Internet Explorer handles custom data attributes attached to HTML elements. By manipulating a document's elements an attacker can force a string in memory to be reused after it has been freed, leading to a disclosure of memory contents. An attacker can use this information in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process.
Microsoft has issued an update to correct this vulnerability. More details can be found at: