Zero Day Initiative Advisory 12-188 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Internet Explorer handles 'onrowsinserted' callback functions for certain elements. It is possible to alter the document DOM tree in a onrowsinserted callback function which can lead to a use-after-free condition when the function returns. This can result in remote code execution under the context of the current process.
4b7933dcb49833c0949097d659101dd0e863d974583fd5392687c7c88066b9f7