The VUPEN Vulnerability Research Team has discovered a critical vulnerability in Microsoft Internet Explorer versions 8 and 9. The vulnerability is caused by a use-after-free error in the "mshtml.dll" component when processing certain "scrollIntoView" events, which could allow remote attackers the ability to execute arbitrary code via a specially crafted web page.
f1a197c1783c02ee319890a13237b275d13b69b33b95c58bfe6caca575473a2c