Executive Summary

Summary
TitleVulnerability in Internet Explorer Could Allow Remote Code Execution
Informations
NameKB2794220First vendor Publication2012-12-29
VendorMicrosoftLast vendor Modification2013-01-14
Severity (Vendor) N/ARevision2.0

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Cvss Base Score9.3Attack RangeNetwork
Cvss Impact Score10Attack ComplexityMedium
Cvss Expoit Score8.6AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

General Information

Executive Summary

Microsoft has completed the investigation into a public report of this vulnerability. We have issued MS13-008 to address this issue. For more information about this issue, including download links for an available security update, please review MS13-008. The vulnerability addressed is the Internet Explorer Use After Free Vulnerability - CVE-2012-4792.

Original Source

Url : http://www.microsoft.com/technet/security/advisory/2794220.mspx

CWE : Common Weakness Enumeration

%idName
100 %CWE-399Resource Management Errors

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:16361
 
Oval ID: oval:org.mitre.oval:def:16361
Title: Internet Explorer Use After Free Vulnerability - MS13-008
Description: Use-after-free vulnerability in Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to an object that (1) was not properly allocated or (2) is deleted, as demonstrated by a CDwnBindInfo object, and exploited in the wild in December 2012.
Family: windows Class: vulnerability
Reference(s): CVE-2012-4792
Version: 5
Platform(s): Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows XP
Product(s): Microsoft Internet Explorer 6
Microsoft Internet Explorer 7
Microsoft Internet Explorer 8
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application3
Os3
Os1
Os7
Os2
Os2

SAINT Exploits

DescriptionLink
Internet Explorer CButton Use After Free VulnerabilityMore info here

ExploitDB Exploits

idDescription
2013-01-02Microsoft Internet Explorer CButton Object Use-After-Free Vulnerability

Snort® IPS/IDS

DateDescription
2016-04-28Microsoft Internet Explorer deleted button use after free attempt
RuleID : 38364 - Revision : 2 - Type : BROWSER-IE
2016-04-28Microsoft Internet Explorer deleted button use after free attempt
RuleID : 38363 - Revision : 1 - Type : BROWSER-IE
2014-01-10Gong Da exploit kit possible jar download
RuleID : 27706 - Revision : 3 - Type : EXPLOIT-KIT
2014-01-10Gong Da exploit kit Java exploit requested
RuleID : 27705 - Revision : 3 - Type : EXPLOIT-KIT
2014-01-10Gong Da exploit kit Java exploit requested
RuleID : 27704 - Revision : 3 - Type : EXPLOIT-KIT
2014-01-10Gong Da exploit kit plugin detection
RuleID : 27703 - Revision : 2 - Type : EXPLOIT-KIT
2014-01-10Gong Da exploit kit landing page
RuleID : 27702 - Revision : 3 - Type : EXPLOIT-KIT
2014-01-10Gong Da Jar file download
RuleID : 27701 - Revision : 2 - Type : EXPLOIT-KIT
2014-01-10Blackholev2 exploit kit JNLP request
RuleID : 27070 - Revision : 2 - Type : EXPLOIT-KIT
2014-01-10Blackholev2 exploit kit landing page - specific structure
RuleID : 27067 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10iFramer injection - specific structure
RuleID : 26617 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10Multiple exploit kit successful redirection - jnlp bypass
RuleID : 26541 - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10iFramer injection - specific structure
RuleID : 26540 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10Cool exploit kit java payload detection
RuleID : 26512 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10Sakura exploit kit redirection structure
RuleID : 26511 - Revision : 6 - Type : EXPLOIT-KIT
2014-01-10Cool exploit kit pdf payload detection
RuleID : 26510 - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10Multiple exploit kit java payload detection
RuleID : 26509 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10Cool exploit kit landing page - specific structure
RuleID : 26507 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10Cool exploit kit jar file redirection
RuleID : 26506 - Revision : 6 - Type : EXPLOIT-KIT
2014-01-10Cool exploit kit malicious jar download
RuleID : 26256 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10Cool exploit kit redirection page
RuleID : 26254 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10Cool exploit kit MyApplet class retrieval
RuleID : 26229 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10Cool exploit kit redirection page
RuleID : 26228 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10Cool exploit kit Portable Executable download
RuleID : 26056 - Revision : 7 - Type : EXPLOIT-KIT
2014-01-10Cool exploit kit malicious class file download
RuleID : 26055 - Revision : 6 - Type : EXPLOIT-KIT
2014-01-10Cool exploit kit malicious class file download
RuleID : 26054 - Revision : 6 - Type : EXPLOIT-KIT
2014-01-10Cool exploit kit malicious class file download
RuleID : 26053 - Revision : 6 - Type : EXPLOIT-KIT
2014-01-10Cool exploit kit malicious class file download
RuleID : 26052 - Revision : 6 - Type : EXPLOIT-KIT
2014-01-10Cool exploit kit malicious jar file download
RuleID : 26051 - Revision : 7 - Type : EXPLOIT-KIT
2014-01-10Cool exploit kit SWF file download
RuleID : 26050 - Revision : 7 - Type : EXPLOIT-KIT
2014-01-10Cool exploit kit EOT file download
RuleID : 26049 - Revision : 7 - Type : EXPLOIT-KIT
2014-01-10Cool exploit kit PDF exploit
RuleID : 26048 - Revision : 8 - Type : EXPLOIT-KIT
2014-01-10Cool exploit kit redirection structure
RuleID : 26047 - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10Cool exploit kit landing page
RuleID : 26046 - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10Gong Da exploit kit redirection page received
RuleID : 26013 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10Cool exploit kit Portable Executable download
RuleID : 25968 - Revision : 7 - Type : EXPLOIT-KIT
2014-01-10Cool exploit kit malicious class file download
RuleID : 25967 - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10Cool exploit kit malicious class file download
RuleID : 25966 - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10Cool exploit kit malicious class file download
RuleID : 25965 - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10Cool exploit kit malicious class file download
RuleID : 25964 - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10Cool exploit kit SWF file download
RuleID : 25963 - Revision : 7 - Type : EXPLOIT-KIT
2014-01-10Cool exploit kit EOT file download
RuleID : 25962 - Revision : 6 - Type : EXPLOIT-KIT
2014-01-10Cool exploit kit former location - has been removed
RuleID : 25960 - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10Cool exploit kit malicious class file download
RuleID : 25959 - Revision : 6 - Type : EXPLOIT-KIT
2014-01-10Cool exploit kit malicious class file download
RuleID : 25958 - Revision : 6 - Type : EXPLOIT-KIT
2014-01-10Cool exploit kit malicious class file download
RuleID : 25957 - Revision : 6 - Type : EXPLOIT-KIT
2014-01-10Cool exploit kit malicious class file download
RuleID : 25956 - Revision : 6 - Type : EXPLOIT-KIT
2014-01-10Cool exploit kit malicious jar file download
RuleID : 25955 - Revision : 7 - Type : EXPLOIT-KIT
2014-01-10Cool exploit kit SWF file download
RuleID : 25954 - Revision : 8 - Type : EXPLOIT-KIT
2014-01-10Cool exploit kit landing page
RuleID : 25953 - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10Cool exploit kit landing page
RuleID : 25952 - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10Cool exploit kit EOT file download
RuleID : 25951 - Revision : 7 - Type : EXPLOIT-KIT
2014-01-10Cool exploit kit PDF exploit
RuleID : 25950 - Revision : 8 - Type : EXPLOIT-KIT
2014-01-10Cool exploit kit java exploit retrieval
RuleID : 25862 - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10Cool exploit kit java exploit retrieval
RuleID : 25861 - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10Cool exploit kit landing page
RuleID : 25860 - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10Cool exploit kit malicious jar file download
RuleID : 25859 - Revision : 8 - Type : EXPLOIT-KIT
2014-01-10Cool exploit kit Java exploit download
RuleID : 25858 - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10Cool exploit kit PDF exploit
RuleID : 25857 - Revision : 9 - Type : EXPLOIT-KIT
2014-01-10Microsoft Internet Explorer deleted button use after free attempt
RuleID : 25235 - Revision : 4 - Type : BROWSER-IE
2014-01-10Microsoft Internet Explorer deleted button use after free attempt
RuleID : 25234 - Revision : 4 - Type : BROWSER-IE
2014-01-10Microsoft Internet Explorer deleted button use after free attempt
RuleID : 25134 - Revision : 4 - Type : BROWSER-IE
2014-01-10Microsoft Internet Explorer deleted button use after free attempt
RuleID : 25133 - Revision : 4 - Type : BROWSER-IE
2014-01-10Microsoft Internet Explorer deleted button use after free attempt
RuleID : 25132 - Revision : 4 - Type : BROWSER-IE
2014-01-10Microsoft Internet Explorer deleted button use after free attempt
RuleID : 25131 - Revision : 4 - Type : BROWSER-IE
2014-01-10Microsoft Internet Explorer deleted button use after free attempt
RuleID : 25130 - Revision : 4 - Type : BROWSER-IE
2014-01-10Microsoft Internet Explorer deleted button use after free attempt
RuleID : 25129 - Revision : 4 - Type : BROWSER-IE
2014-01-10Microsoft Internet Explorer deleted button use after free attempt
RuleID : 25128 - Revision : 4 - Type : BROWSER-IE
2014-01-10Microsoft Internet Explorer deleted button use after free attempt
RuleID : 25127 - Revision : 4 - Type : BROWSER-IE
2014-01-10Microsoft Internet Explorer deleted button use after free attempt
RuleID : 25126 - Revision : 3 - Type : BROWSER-IE
2014-01-10Microsoft Internet Explorer deleted button use after free attempt
RuleID : 25125 - Revision : 4 - Type : BROWSER-IE

Metasploit Database

idDescription
2012-12-27 MS13-008 Microsoft Internet Explorer CButton Object Use-After-Free Vulnerability

Nessus® Vulnerability Scanner

DateDescription
2013-01-14Name : The remote host is affected by a code execution vulnerability.
File : smb_nt_ms13-008.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
DateInformations
2014-01-19 21:29:40
  • Multiple Updates
2014-01-03 17:19:07
  • Multiple Updates
2013-01-15 05:20:55
  • Multiple Updates
2013-01-15 05:19:04
  • Multiple Updates
2012-12-31 21:20:31
  • Multiple Updates
2012-12-31 21:18:35
  • Multiple Updates
2012-12-31 17:19:21
  • Multiple Updates
2012-12-30 21:19:15
  • Multiple Updates
2012-12-30 05:17:49
  • First insertion