3 matches found
Microsoft IE CFormElement释放后重用远程代码执行漏洞(MS12-071)
BUGTRAQ ID: 56420 CVE ID: CVE-2012-1538 Microsoft Internet Explorer是微软公司推出的一款网页浏览器,使用相当广泛。 IE 9 "CFormElement"类访问错误初始化或删除的对象时存在远程代码执行漏洞,攻击者可利用此漏洞访问已经释放的内存,导致执行任意代码,破坏内存。 0 Microsoft Internet Explorer 9.x 临时解决方法: 设置互联网和内联网安全区域为“高”,以阻止这些区域内的ActiveX控件和脚本。 配置IE,在运行活动脚本时提示,或者直接禁用。 厂商补丁: Microsoft...
CVE-2012-1538
Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site, aka "CFormElement Use After Free Vulnerability."...
CVE-2012-1538
Microsoft Internet Explorer 9 is affected by CVE-2012-1538 (CFormElement use-after-free). The vulnerability allows remote code execution when a crafted web site triggers use-after-free of an object that has been freed, enabling code execution in the context of the user. The CVSS shows network att...