CVE-2012-4792

CVSS 8.8 HIGH · EPSS 78.8% · KEV · CWE-416

In short

Internet Explorer 6-8 has a use-after-free bug where a malicious website can trick the browser into accessing memory that was already freed, allowing attackers to run arbitrary code on your computer.

Technical detail

A use-after-free vulnerability in Internet Explorer 6-8 allows remote attackers to execute arbitrary code by crafting a web page that references a freed object (such as CDwnBindInfo), exploiting memory management flaws. The attack requires only that a user visits a malicious website; no additional user interaction or authentication is needed, resulting in complete system compromise.

Summary generated and translated by AI from the official description.

Use-after-free vulnerability in Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to an object that (1) was not properly allocated or (2) is deleted, as demonstrated by a CDwnBindInfo object, and exploited in the wild in December 2012.

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected products

n/a · n/a