Published: 12/06/2012 Updated: 07/12/2023

CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6

VMScore: 935

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote malicious users to execute arbitrary code by accessing a deleted object, aka "Same ID Property Remote Code Execution Vulnerability."

Vulnerable Product	Search on Vulmon	Subscribe to Product
microsoft internet_explorer 8

## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions Please see the Metasploit # web site for more information on licensing and terms of use # metasploitcom/ ## require 'msf/core' class Metasploit3 < Msf::Exploit::Remote Rank = NormalRanking include Msf::Exploit::R ...

Internet Explorer bug patched only a week ago now being exploited

The Register • John Leyden • 19 Jun 2012

Patch Tuesday - Malware Wednesday

Hackers have latched onto a vulnerability in Internet Explorer patched by Microsoft last week as a useful way to spread malware. The vulnerability is CVE-2012-1875 – which was patched in MS12-037 as part of the June edition of Microsoft's Patch Tuesday – and it is being exploited in the wild. Attacks are typically delivered by JavaScript code embedded in websites, some of which are actually legitimate. Windows users who visit these sites using unpatched boxes become infected thanks to the Ja...

CVE-2012-1875

Vulnerability Summary

Vulnerability Trend

Exploits

Recent Articles

References

Vulmon Search

About

Products

Connect