CVE-2012-4969

CVSS 8.1 HIGH · EPSS 81.7% · KEV · CWE-416

In short

A flaw in Internet Explorer allows attackers to run malicious code on your computer when you visit a crafted website. The browser incorrectly handles memory, letting attackers exploit this weakness to take control of your system.

Technical detail

A use-after-free vulnerability in the CMshtmlEd::Exec function within mshtml.dll affects IE 6-9. Remote attackers can trigger arbitrary code execution by crafting malicious HTML content that causes the browser to access freed memory, resulting in privilege escalation and full system compromise.

Summary generated and translated by AI from the official description.
Use-after-free vulnerability in the CMshtmlEd::Exec function in mshtml.dll in Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code via a crafted web site, as exploited in the wild in September 2012.
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
n/a · n/a