VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Internet Explorer. The vulnerability is caused by a use-after-free vulnerability when manipulating CSS @import statements through "addImport()" or "removeImport()", which could be exploited by attackers to leak arbitrary memory or execute arbitrary code via a malicious web page. Versions 9, 10, and 11 are affected.
cd96a783b0ba06438db8d155e68c36b5c423d9b3a31f74080fdd6447b9005d44