Use-after-free vulnerability in the SetMouseCapture implementation in mshtml.dll in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code via crafted JavaScript strings, as demonstrated by use of an ms-help: URL that triggers loading of hxds.dll.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Internet_explorer | Microsoft | 10 | 10 |
Internet_explorer | Microsoft | 8 | 8 |
Internet_explorer | Microsoft | 7 | 7 |
Internet_explorer | Microsoft | 11 | 11 |
Internet_explorer | Microsoft | 6 | 6 |
Internet_explorer | Microsoft | 11 | 11 |
Internet_explorer | Microsoft | 9 | 9 |