Executive Summary

Informations
NameCVE-2012-0169First vendor Publication2012-04-10
VendorCveLast vendor Modification2013-03-06

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Cvss Base Score9.3Attack RangeNetwork
Cvss Impact Score10Attack ComplexityMedium
Cvss Expoit Score8.6AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

Microsoft Internet Explorer 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "JScript9 Remote Code Execution Vulnerability."

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0169

CWE : Common Weakness Enumeration

idName
CWE-94Failure to Control Generation of Code ('Code Injection')

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:15611
 
Oval ID: oval:org.mitre.oval:def:15611
Title: JScript9 Remote Code Execution Vulnerability
Description: Microsoft Internet Explorer 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "JScript9 Remote Code Execution Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2012-0169
Version: 3
Platform(s): Microsoft Windows Vista
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows 7
Product(s): Microsoft Internet Explorer 9
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application1

OpenVAS Exploits

DateDescription
2012-04-11Name : Microsoft Internet Explorer Multiple Vulnerabilities (2675157)
File : nvt/secpod_ms12-023.nasl

Snort® IPS/IDS

DateDescription
2014-01-10Microsoft Internet Explorer iframe onreadystatechange handler use after free ...
RuleID : 28364 - Revision : 2 - Type : BROWSER-IE
2014-01-10Microsoft Internet Explorer iframe onreadystatechange handler use after free ...
RuleID : 28363 - Revision : 2 - Type : BROWSER-IE
2014-01-10Microsoft Internet Explorer vector graphics reference counting use-after-free...
RuleID : 26584 - Revision : 2 - Type : BROWSER-IE
2014-01-10Microsoft Internet Explorer iframe onreadystatechange handler use after free ...
RuleID : 23285 - Revision : 6 - Type : BROWSER-IE
2014-01-10Microsoft Internet Explorer iframe onreadystatechange handler use after free ...
RuleID : 21796 - Revision : 8 - Type : BROWSER-IE
2014-01-10Microsoft Internet Explorer vector graphics reference counting use-after-free...
RuleID : 21793 - Revision : 8 - Type : BROWSER-IE

Nessus® Vulnerability Scanner

DateDescription
2012-04-11Name : The remote host is affected by code execution vulnerabilities.
File : smb_nt_ms12-023.nasl - Type : ACT_GATHER_INFO

Internal Sources (Detail)

SourceUrl
BIDhttp://www.securityfocus.com/bid/52902
CERThttp://www.us-cert.gov/cas/techalerts/TA12-101A.html
MShttp://technet.microsoft.com/security/bulletin/MS12-023
OSVDBhttp://osvdb.org/81127
SECTRACKhttp://www.securitytracker.com/id?1026901
XFhttp://xforce.iss.net/xforce/xfdb/74380

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
DateInformations
2014-02-17 11:07:07
  • Multiple Updates
2013-05-10 22:31:39
  • Multiple Updates
2013-03-07 13:19:42
  • Multiple Updates
2012-12-06 13:20:06
  • Multiple Updates
2012-11-20 13:22:24
  • Multiple Updates