Lucene search

K

Immunity CanvasMS12_037

HistoryJun 12, 2012 - 10:55 p.m.

Immunity Canvas: MS12_037

2012-06-1222:55:00

Immunity Canvas

exploitlist.immunityinc.com

24

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.97 High

EPSS

Percentile

99.7%

Name	ms12_037
CVE	CVE-2012-1876 Exploit Pack
VENDOR: Microsoft
Notes:
Some information regarding this exploit:
- It uses an information leak so does not depend of third party software.
- It works with js_recon
- It only works if the template is set as the exploit itself

Tested on:

Windows XP Professional SP3 English with Internet Explorer 8
Windows 7 English / Internet Explorer 8.

Tested on the following mshtml.dll versions:

v80760016625 - unpatched install
v80760117514 - some patchs
v90811216447 - all patchs except for ms12-037 patch

Important Do not use a template other than the exploit itself!

VersionsAffected: Internet Explorer 6/7/8/9
Repeatability:
MSADV: MS12-037
References: http://technet.microsoft.com/en-us/security/bulletin/ms12-037
CVE Url: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-1876
Date public: 06/12/2012
CVSS: 9.5

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.97 High

EPSS

Percentile

99.7%

Related for MS12_037

securityvulns3 seebug4 exploitpack4 saint4 packetstorm4 zdt2 prion1 symantec1 cve2 zdi1 checkpoint_advisories1 exploitdb5 threatpost1 openvas2 mskb1 nessus1