Lucene search

[email protected]CVE-2012-2546

HistorySep 21, 2012 - 9:55 p.m.

CVE-2012-2546

2012-09-2121:55:00

CWE-399

[email protected]

web.nvd.nist.gov

115

cve-2012-2546

use-after-free vulnerability

microsoft internet explorer 9

remote code execution

crafted web site

7.3 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.731 High

EPSS

Percentile

98.1%

JSON

Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka “Event Listener Use After Free Vulnerability.”

CPENameOperatorVersion
microsoft:internet_explorermicrosoft internet explorereq9

CPE	Name	Operator	Version
microsoft:internet_explorer	microsoft internet explorer	eq	9

References

www.securityfocus.com/bid/55645

www.securitytracker.com/id?1027555

www.us-cert.gov/cas/techalerts/TA12-255A.html

docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-063

exchange.xforce.ibmcloud.com/vulnerabilities/78757

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15652

7.3 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.731 High

EPSS

Percentile

98.1%

JSON

Related for CVE-2012-2546

seebug1 prion1 checkpoint_advisories1 mskb1 securityvulns1 openvas2 nessus1