Lucene search

K

[email protected]NVD:CVE-2012-2523

HistoryAug 15, 2012 - 1:55 a.m.

CVE-2012-2523

2012-08-1501:55:01

CWE-189

[email protected]

web.nvd.nist.gov

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8.1 High

AI Score

Confidence

Low

0.82 High

EPSS

Percentile

98.4%

Integer overflow in Microsoft Internet Explorer 8 and 9, JScript 5.8, and VBScript 5.8 on 64-bit platforms allows remote attackers to execute arbitrary code by leveraging an incorrect size calculation during object copying, aka “JavaScript Integer Overflow Remote Code Execution Vulnerability.”

Affected configurations

NVD

Node

microsoftinternet_explorerMatch8

OR

microsoftinternet_explorerMatch9

OR

microsoftjscriptMatch5.8

OR

microsoftvbscriptMatch5.8-x64

References

www.us-cert.gov/cas/techalerts/TA12-227A.html

docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-052

docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-056

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15790

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8.1 High

AI Score

Confidence

Low

0.82 High

EPSS

Percentile

98.4%

Related for NVD:CVE-2012-2523

checkpoint_advisories1 nessus2 mskb2 cve1 openvas4 seebug1 prion1 cvelist1 securityvulns1