There is an reference leak in Microsoft VBScript that can be turned into an use-after-free given sufficient time. The vulnerability has been confirmed in Internet Explorer on various Windows versions with the latest patches applied.
bbed7824f89e9377c1a62b7a38d9841ad9be96f597755fed927b3e56bee44b2c