Immunity, Inc.
Name wp_ms11_003_ie_css_import
CVE CVE-2010-3971
Exploit Pack White_Phosphorus
DescriptionIE CSS Import Use After Free
NotesVENDOR: Microsoft
Notes:
This is a client-side exploit - USE THIS MODULE VIA HTTPSERVER

If you choose to host the exploit file on an independandant webserver, then you must include the genreated .css and .dll files as well.

VersionsAffected: Windows XP/Vista/7, IE Versions 7/8
Repeatability: Unlimited
MSADV: MS11-003
References: http://seclists.org/fulldisclosure/2010/Dec/110
http://www.microsoft.com/technet/security/bulletin/MS11-003.mspx
CVE Url: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3971
Date public: 2010-12-08
CVE: CVE-2010-3971
CVSS: 9.3

Learn more about the CANVAS Exploit Pack here: White_Phosphorus