Posted by Berend-Jan Wever on Nov 01

Throughout November, I plan to release details on vulnerabilities I
found in web-browsers which I’ve not released before. This is the first
entry in that series.
The below information is also available on my blog at
http://blog.skylined.nl/20161101001.html. There you can find a repro
that triggered this issue in addition to the information below.
Follow me on twitter.com/berendjanwever for daily browser bugs.

MSIE 9 MSHTML CAttrArray…