Title: Microsoft Internet Explorer CTitleElement Use-After-Free Remote Code Execution Vulnerability ZDI IDs: - ZDI-15-458 - ZDI-CAN-2949 CVE ID: CVE-2015-2408 CVSS Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) Affected Vendors: Microsoft Affected Products: Internet Explorer Vulnerability Details: Allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. The flaw is in the handling of CTitleElement objects, causing a dangling pointer to be reused after being freed. This can be exploited by manipulating a document's elements. Additional Details: Microsoft has issued an update to correct this vulnerability. More details can be found at: https://technet.microsoft.com/en-us/library/security/ms15-065.aspx Disclosure Timeline: - 2015-06-02 - Vulnerability reported to vendor - 2015-10-07 - Coordinated public release of advisory Credit: Zheng Huang of Baidu Scloud XTeam