[Full-disclosure] ZDI-09-070: Microsoft Internet Explorer Event Object Type Double-Free Vulnerability

ZDI-09-070: Microsoft Internet Explorer Event Object Type Double-Free Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-09-070 October 13, 2009 -- CVE ID: CVE-2009-2530 -- Affected Vendors: Microsoft -- Affected Products: Microsoft Internet Explorer 6 Microsoft Internet Explorer 7

Re: [Full-disclosure] ZDI-09-070: Microsoft Internet Explorer Event Object Type Double-Free Vulnerability

This vulnerability can affected IE8?Isn't it mean that can bypass DEP+ASLR? Message: 14 Date: Tue, 13 Oct 2009 14:24:43 -0500 From: ZDI Disclosures zdi-disclosu...@tippingpoint.com Subject: [Full-disclosure] ZDI-09-070: Microsoft Internet Explorer Event Object Type Double-Free