5 matches found
Microsoft Internet Explorer InjectHTMLStream函数释放后重用远程代码执行漏洞(MS12-077)
BUGTRAQ ID: 56828 CVECAN ID: CVE-2012-4781 Microsoft Internet Explorer是微软公司推出的一款网页浏览器,使用相当广泛。 Microsoft Internet Explorer 6、7、8、9、10在处理恶意HTML内容时,"InjectHTMLStream"函数存在错误的内存操作,通过引诱用户浏览恶意网站,未经身份验证的远程攻击者可利用此漏洞以当前用户权限执行任意代码。 0 Microsoft Internet Explorer 9.x Microsoft Internet Explorer 8.x Microsoft...
CVE-2012-4781
CVE-2012-4781 is a Use-After-Free vulnerability in Microsoft Internet Explorer (IE6–IE10) triggered by crafted HTML/JS on a malicious site, enabling remote code execution via access to a deleted object in InjectHTMLStream. Public references note multiple use-after-free variants and credit MS12-07...
CVE-2012-4781
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "InjectHTMLStream Use After Free Vulnerability."...
Microsoft Internet Explorer Multiple Vulnerabilities (2761465)
This host is missing a critical security update according to Microsoft Bulletin MS12-077. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
MS12-077: Cumulative Security Update for Internet Explorer (2761465)
The remote host is missing Internet Explorer IE Security Update 2761465. The installed version of IE is affected by vulnerabilities that could allow an attacker to execute arbitrary code on the remote host. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid63224;...