Internet Explorer Same ID Property vulnerability

2012-06-22T00:00:00
ID SAINT:1D36EAAA583304555F072139C691DB73
Type saint
Reporter SAINT Corporation
Modified 2012-06-22T00:00:00

Description

Added: 06/22/2012
CVE: CVE-2012-1875
BID: 53847
OSVDB: 82865

Background

Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems.

Problem

A vulnerability in Internet Explorer allows command execution when a user opens a specially crafted web page which causes an access attempt to a deleted object, resulting in memory corruption.

Resolution

Apply the update found in Microsoft Security Bulletin 12-037.

References

<http://technet.microsoft.com/en-us/security/bulletin/MS12-037>

Limitations

Exploit works on Internet Explorer 8 on Windows XP and Windows 7, and requires a user to open the exploit page.

JRE 6 must be installed on Windows 7 targets.

Platforms

Windows