Lumension® Endpoint Intelligence Center


Overview

Vulnerability Score 9.3
CVE Id CVE-2012-4792
Last Modified 02 Nov 2013 11:27:30
Published 30 Dec 2012 01:55:01
Confidentiality Impact COMPLETE
Integrity Impact COMPLETE
Availability Impact COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2012-4792

Summary

Use-after-free vulnerability in Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to an object that (1) was not properly allocated or (2) is deleted, as demonstrated by a CDwnBindInfo object, and exploited in the wild in December 2012.

Vulnerable Systems

Application

  • Microsoft Internet Explorer 6

  • Microsoft Internet Explorer 7

  • Microsoft Internet Explorer 8


References

MISC - https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/browser/ie_cdwnbindinfo_uaf.rb

CONFIRM - http://technet.microsoft.com/security/advisory/2794220

MS - MS13-008

CERT-VN - VU#154201

MISC - http://packetstormsecurity.com/files/119168/Microsoft-Internet-Explorer-CDwnBindInfo-Object-Use-After-Free.html

MISC - http://labs.alienvault.com/labs/index.php/2012/just-another-water-hole-campaign-using-an-internet-explorer-0day/

MISC - http://eromang.zataz.com/2012/12/29/attack-and-ie-0day-informations-used-against-council-on-foreign-relations/

CONFIRM - http://blogs.technet.com/b/srd/archive/2012/12/31/microsoft-quot-fix-it-quot-available-for-internet-explorer-6-7-and-8.aspx

CONFIRM - http://blogs.technet.com/b/srd/archive/2012/12/29/new-vulnerability-affecting-internet-explorer-8-users.aspx

MISC - http://blog.fireeye.com/research/2012/12/council-foreign-relations-water-hole-attack-details.html

CERT - TA13-015A

CERT - TA13-008A

MISC - https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/browser/ie_cbutton_uaf.rb

Related Patches

MS 2794220 Workaround for Vulnerability in Internet Explorer (Enabled) (See Notes)

MS 2794220 Workaround for Vulnerability in Internet Explorer (Disabled) (See Notes)

MS13-008 Security Update for Internet Explorer 7 for Windows Server 2008 (KB2799329)

MS13-008 Security Update for Internet Explorer 8 for Windows Server 2008 (KB2799329)

MS13-008 Security Update for Internet Explorer 8 for Windows Vista (KB2799329)

MS13-008 Security Update for Internet Explorer 7 for Windows Vista (KB2799329)

MS13-008 Security Update for Internet Explorer 8 for Windows 7 (KB2799329)

MS13-008 Security Update for Internet Explorer 6 for Windows Server 2003 (KB2799329)

MS13-008 Security Update for Internet Explorer 7 for Windows Server 2003 (KB2799329)

MS13-008 Security Update for Internet Explorer 8 for Windows Server 2003 (KB2799329)

MS13-008 Security Update for Internet Explorer 8 for Windows XP (KB2799329)

MS13-008 Security Update for Internet Explorer 7 for Windows XP (KB2799329)

MS13-008 Security Update for Internet Explorer 6 for Windows XP (KB2799329)

MS13-008 Security Update for Internet Explorer 7 for Windows Vista x64 (KB2799329)

MS13-008 Security Update for Internet Explorer 8 for Windows Vista x64 (KB2799329)

MS13-008 Security Update for Internet Explorer 8 for Windows Server 2008 R2 x64 (KB2799329)

MS13-008 Security Update for Internet Explorer 7 for Windows Server 2003 x64 (KB2799329)

MS13-008 Security Update for Internet Explorer 6 for Windows Server 2003 x64 (KB2799329)

MS13-008 Security Update for Internet Explorer 8 for Windows Server 2003 x64 (KB2799329)

MS13-008 Security Update for Internet Explorer 8 for Windows Server 2008 x64 (KB2799329)

MS13-008 Security Update for Internet Explorer 7 for Windows Server 2008 x64 (KB2799329)

MS13-008 Security Update for Internet Explorer 8 for Windows 7 x64 (KB2799329)


Last Updated: 27 May 2016 11:01:49