Another Zero Day for IE6

Sunbelt Software, a security firm has just published an advisory regarding another 0 day vulnerability for Internet Explorer 6 found in the wild. This vulnerability affects Microsoft Internet Explorer 6 on Windows XP Home and
Windows XP Professional.

From their blog which is offline at the moment:

"The exploit uses a bug in VML in Internet Explorer to overflow a buffer
and inject shellcode.   It is currently on and off again at a number of
sites.
Security researchers at Microsoft have been informed. This story is
developing and research is ongoing.   Security professionals can contact
me for collaboration or further information. This exploit can be mitigated
by turning off Javascripting."

You can view the original advisory posted on Full-Disclosure here.