This Metasploit module exploits a vulnerability in the getElementsByTagName function as implemented within Internet Explorer.
d11edd52626b5a17b7f199e8ad2f6694a46ee39e57f58766dc6ad4feb982d0fc
iDefense Security Advisory 12.08.09 - Remote exploitation of a memory corruption vulnerability in Microsoft Corp.'s Internet Explorer could allow an attacker to execute arbitrary code with the privileges of the current user. iDefense confirmed the existence of this vulnerability in Internet Explorer versions 6 and 7. Internet Explorer versions 5 and 8 do not appear to be affected.
02c288bac610a30750b24e5ac7d76b96ca73822fa4f83a51387d4eb8f92e1474