Lucene search

K
cve[email protected]CVE-2012-1874
HistoryJun 12, 2012 - 10:55 p.m.

CVE-2012-1874

2012-06-1222:55:01
CWE-94
web.nvd.nist.gov
99
cve-2012-1874
microsoft
internet explorer
memory object handling
vulnerability
remote code execution

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8 High

AI Score

Confidence

Low

0.92 High

EPSS

Percentile

99.0%

Microsoft Internet Explorer 8 and 9 does not properly handle objects in memory, which allows user-assisted remote attackers to execute arbitrary code by accessing a deleted object, aka β€œDeveloper Toolbar Remote Code Execution Vulnerability.”

Affected configurations

NVD
Node
microsoftinternet_explorerMatch8
OR
microsoftinternet_explorerMatch9
AND
microsoftwindows_7x64
OR
microsoftwindows_7x86
OR
microsoftwindows_7sp1x86
OR
microsoftwindows_7Match-
OR
microsoftwindows_7Match-sp1x86
OR
microsoftwindows_server_2003sp2
OR
microsoftwindows_server_2008sp2itanium
OR
microsoftwindows_server_2008sp2x64
OR
microsoftwindows_server_2008sp2x86
OR
microsoftwindows_server_2008Match-sp2itanium
OR
microsoftwindows_server_2008Matchr2itanium
OR
microsoftwindows_server_2008Matchr2x64
OR
microsoftwindows_vistasp2
OR
microsoftwindows_xpsp3
OR
microsoftwindows_xpMatch-sp2x64

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8 High

AI Score

Confidence

Low

0.92 High

EPSS

Percentile

99.0%