Lucene search

[email protected]CVE-2012-1545

HistoryOct 03, 2022 - 4:15 p.m.

CVE-2012-1545

2022-10-0316:15:24

CWE-119

[email protected]

web.nvd.nist.gov

microsoft

internet explorer

vulnerability

bypass

protected mode

denial of service

memory corruption

nvd

cve-2012-1545

5.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:P/A:P

6.9 Medium

AI Score

Confidence

High

0.01 Low

EPSS

Percentile

83.8%

JSON

Microsoft Internet Explorer 6 through 9, and 10 Consumer Preview, allows remote attackers to bypass Protected Mode or cause a denial of service (memory corruption) by leveraging access to a Low integrity process, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2012.

Affected configurations

NVD

Node

microsoftieMatch10consumer_preview

microsoftinternet_explorerMatch6.0

microsoftinternet_explorerMatch6.00.2462.0000

microsoftinternet_explorerMatch6.00.2479.0006

microsoftinternet_explorerMatch6.0.2600

microsoftinternet_explorerMatch6.00.2600.0000

microsoftinternet_explorerMatch6.0.2800

microsoftinternet_explorerMatch6.0.2800.1106

microsoftinternet_explorerMatch6.00.2800.1106

microsoftinternet_explorerMatch6.0.2900

microsoftinternet_explorerMatch6.0.2900.2180

microsoftinternet_explorerMatch6.00.2900.2180

microsoftinternet_explorerMatch6.00.3663.0000

microsoftinternet_explorerMatch6.00.3718.0000

microsoftinternet_explorerMatch6.00.3790.0000

microsoftinternet_explorerMatch6.00.3790.1830

microsoftinternet_explorerMatch6.00.3790.3959

microsoftinternet_explorerMatch7.0

microsoftinternet_explorerMatch7.0beta

microsoftinternet_explorerMatch7.0beta1

microsoftinternet_explorerMatch7.0beta2

microsoftinternet_explorerMatch7.0beta3

microsoftinternet_explorerMatch7.0.5730unknowngold

microsoftinternet_explorerMatch7.0.5730.11

microsoftinternet_explorerMatch7.00.5730.1100

microsoftinternet_explorerMatch7.00.6000.16386

microsoftinternet_explorerMatch7.00.6000.16441

microsoftinternet_explorerMatch8.0.6001

microsoftinternet_explorerMatch8.0.6001beta

microsoftinternet_explorerMatch9

CPENameOperatorVersion
microsoft:iemicrosoft ieeq10
microsoft:internet_explorermicrosoft internet explorereq6.0
microsoft:internet_explorermicrosoft internet explorereq6.00.2462.0000
microsoft:internet_explorermicrosoft internet explorereq6.00.2479.0006
microsoft:internet_explorermicrosoft internet explorereq6.0.2600
microsoft:internet_explorermicrosoft internet explorereq6.00.2600.0000
microsoft:internet_explorermicrosoft internet explorereq6.0.2800
microsoft:internet_explorermicrosoft internet explorereq6.0.2800.1106
microsoft:internet_explorermicrosoft internet explorereq6.00.2800.1106
microsoft:internet_explorermicrosoft internet explorereq6.0.2900

CPE	Name	Operator	Version
microsoft:ie	microsoft ie	eq	10
microsoft:internet_explorer	microsoft internet explorer	eq	6.0
microsoft:internet_explorer	microsoft internet explorer	eq	6.00.2462.0000
microsoft:internet_explorer	microsoft internet explorer	eq	6.00.2479.0006
microsoft:internet_explorer	microsoft internet explorer	eq	6.0.2600
microsoft:internet_explorer	microsoft internet explorer	eq	6.00.2600.0000
microsoft:internet_explorer	microsoft internet explorer	eq	6.0.2800
microsoft:internet_explorer	microsoft internet explorer	eq	6.0.2800.1106
microsoft:internet_explorer	microsoft internet explorer	eq	6.00.2800.1106
microsoft:internet_explorer	microsoft internet explorer	eq	6.0.2900

Rows per page:

1-10 of 251

References

arstechnica.com/business/news/2012/03/ie-9-on-latest-windows-gets-stomped-at-hacker-contest.ars

pwn2own.zerodayinitiative.com/status.html

twitter.com/vupen/statuses/177895844828291073

www.zdnet.com/blog/security/pwn2own-2012-ie-9-hacked-with-two-0day-vulnerabilities/10621

5.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:P/A:P

6.9 Medium

AI Score

Confidence

High

0.01 Low

EPSS

Percentile

83.8%

JSON

Related for CVE-2012-1545

prion1 cvelist1 nvd1 openvas2