CVE: CVE-2017-0037
Published: 2017-02-26T23:59Z
Vendor: microsoft
Products: internet_explorer
Versions: 11,
Versions: *,
Description Language: en
Description: Microsoft Internet Explorer 10 and 11 and Microsoft Edge have a type confusion issue in the Layout::MultiColumnBoxBuilder::HandleColumnBreakOnColumnSpanningElement function in mshtml.dll, which allows remote attackers to execute arbitrary code via vectors involving a crafted Cascading Style Sheets (CSS) token sequence and crafted JavaScript code that operates on a TH element.