This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Internet explorer handles the javascript statement βselection.emptyβ during certain onclick events. By causing a particular sequence of events, an attacker can cause a CDisplayObject to be freed while it is still in use. This results in an operation on previously freed memory that can be utilized to achieve remote code execution.