Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-2012-1526 | First vendor Publication | 2012-08-14 |
Vendor | Cve | Last vendor Modification | 2018-10-12 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 9.3 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Microsoft Internet Explorer 6 and 7 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not initialized or (2) is deleted, aka "Layout Memory Corruption Vulnerability." |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1526 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:15240 | |||
Oval ID: | oval:org.mitre.oval:def:15240 | ||
Title: | Layout memory corruption vulnerability - MS12-052 | ||
Description: | Microsoft Internet Explorer 6 and 7 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not initialized or (2) is deleted, aka "Layout Memory Corruption Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-1526 | Version: | 7 |
Platform(s): | Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | Microsoft Internet Explorer 6 Microsoft Internet Explorer 7 |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 2 |
OpenVAS Exploits
Date | Description |
---|---|
2012-08-15 | Name : Microsoft Internet Explorer Multiple Vulnerabilities (2722913) File : nvt/secpod_ms12-052.nasl |
Snort® IPS/IDS
Date | Description |
---|---|
2014-11-16 | Microsoft Internet Explorer negative margin use after free attempt RuleID : 31296 - Revision : 5 - Type : BROWSER-IE |
2014-01-10 | Microsoft Internet Explorer virtual function table corruption attempt RuleID : 27221 - Revision : 3 - Type : BROWSER-IE |
2014-01-10 | Microsoft Internet Explorer virtual function table corruption attempt RuleID : 27220 - Revision : 4 - Type : BROWSER-IE |
2014-01-10 | Microsoft Internet Explorer sign extension vulnerability exploitation attempt RuleID : 25079 - Revision : 5 - Type : BROWSER-IE |
2014-01-10 | Microsoft Internet Explorer sign extension vulnerability exploitation attempt RuleID : 25078 - Revision : 8 - Type : BROWSER-IE |
2014-01-10 | Microsoft Internet Explorer sign extension vulnerability exploitation attempt RuleID : 23841 - Revision : 6 - Type : BROWSER-IE |
2014-01-10 | Microsoft Internet Explorer sign extension vulnerability exploitation attempt RuleID : 23840 - Revision : 6 - Type : BROWSER-IE |
2014-01-10 | Microsoft Internet Explorer negative margin use after free attempt RuleID : 23836 - Revision : 15 - Type : BROWSER-IE |
2014-01-10 | Microsoft Internet Explorer asynchronous code execution attempt RuleID : 23835 - Revision : 10 - Type : BROWSER-IE |
2014-01-10 | Microsoft Internet Explorer asynchronous code execution attempt RuleID : 23834 - Revision : 10 - Type : BROWSER-IE |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2012-08-15 | Name : The remote host is affected by code execution vulnerabilities. File : smb_nt_ms12-052.nasl - Type : ACT_GATHER_INFO |
2012-08-15 | Name : Arbitrary code can be executed on the remote host through the installed JScri... File : smb_nt_ms12-056.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Alert History
Date | Informations |
---|---|
2021-05-04 12:19:29 |
|
2021-04-22 01:23:11 |
|
2020-05-23 00:33:13 |
|
2018-10-13 05:18:35 |
|
2017-09-19 09:25:13 |
|
2014-11-16 21:24:35 |
|
2014-02-17 11:09:00 |
|
2014-01-19 21:28:34 |
|
2013-11-04 21:22:29 |
|
2013-05-10 22:35:56 |
|
2013-01-30 13:21:21 |
|