Signature Detail
This site is deprecated. Please CLICK HERE for latest updates
Short Name |
HTTP:STC:IE:UAF-RCE |
|---|---|
Severity |
Critical |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Microsoft Internet Explorer Use-After-Free Code Execution |
Release Date |
2012/12/31 |
Update Number |
2217 |
Supported Platforms |
idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
HTTP: Microsoft Internet Explorer Use-After-Free Code Execution
This signature detects attempts to exploit a known vulnerability against Microsoft Internet Explorer. A successful attack can lead to arbitrary code execution.
Extended Description
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to an object that (1) was not properly allocated or (2) is deleted, as demonstrated by a CDwnBindInfo object, and exploited in the wild in December 2012.
Affected Products
- Microsoft internet_explorer 6
- Microsoft internet_explorer 7
- Microsoft internet_explorer 8
References
- BugTraq: 57070
- CVE: CVE-2012-4792
- URL: http://blog.fireeye.com/research/2012/12/council-foreign-relations-water-hole-attack-details.html
- URL: http://eromang.zataz.com/2012/12/29/attack-and-ie-0day-informations-used-against-council-on-foreign-relations/
- URL: http://technet.microsoft.com/en-us/security/advisory/2794220
- URL: http://blogs.technet.com/b/srd/archive/2012/12/29/new-vulnerability-affecting-internet-explorer-8-users.aspx
- URL: http://blog.exodusintel.com/2013/01/02/happy-new-year-analysis-of-cve-2012-4792/
- URL: https://community.rapid7.com/community/metasploit/blog/2012/12/29/microsoft-internet-explorer-0-day-marks-the-end-of-2012