Lucene search
RootSSV:60506HistoryDec 13, 2012 - 12:00 a.m.
Microsoft Internet Explorer Ref Counting释放后重用远程代码执行漏洞(MS12-077)
2012-12-1300:00:00
Root
www.seebug.org
9
0.924 High
EPSS
Percentile
99.0%
BUGTRAQ ID: 56830
CVE(CAN) ID: CVE-2012-4787
Microsoft Internet Explorer是微软公司推出的一款网页浏览器,使用相当广泛。
Microsoft Internet Explorer 6、7、8、9、10在处理恶意HTML内容时,Ref Counting存在错误的内存操作,通过引诱用户浏览恶意网站,未经身份验证的远程攻击者可利用此漏洞以当前用户权限执行任意代码。
0
Microsoft Internet Explorer 9.x
Microsoft Internet Explorer 8.x
Microsoft Internet Explorer 7.x
Microsoft Internet Explorer 6.x
Microsoft Internet Explorer 10.x
临时解决方法:
-
将“互联网”和“内联网”安全区域设置为“高”,以阻止ActiveX控件和AS。
-
配置IE,在运行AS前提示,或禁用AS。
厂商补丁:
Microsoft
Microsoft已经为此发布了一个安全公告(MS12-077)以及相应补丁:
MS12-077:Cumulative Security Update for Internet Explorer (2761465)
链接:http://www.microsoft.com/technet/security/bulletin/MS12-077.mspx
Related
checkpoint_advisories
checkpoint_advisories
prion
prion
Design/Logic Flaw
2012-12-12 00:55:00
nvd
nvd
CVE-2012-4787
2012-12-12 00:55:01
cvelist
cvelist
CVE-2012-4787
2012-12-12 00:00:00
cve
cve
CVE-2012-4787
2012-12-12 00:55:01
openvas
openvas
Microsoft Internet Explorer Multiple Vulnerabilities (2761465)
2012-12-12 00:00:00
Microsoft Internet Explorer Multiple Vulnerabilities (2761465)
2012-12-12 00:00:00
mskb
mskb
nessus
nessus
MS12-077: Cumulative Security Update for Internet Explorer (2761465)
2012-12-11 00:00:00
securityvulns
securityvulns
Microsoft Internet Explorer multiple security vulnerabilities
2012-12-13 00:00:00