National Cyber Awareness System

Vulnerability Summary for CVE-2012-4792

Overview

Use-after-free vulnerability in Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to an object that (1) was not properly allocated or (2) is deleted, as demonstrated by a CDwnBindInfo object, and exploited in the wild in December 2012.

Impact

CVSS Severity (version 2.0):

CVSS Version 2 Metrics:

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

US-CERT Technical Alert: TA13-015A

Name: TA13-015A

Hyperlink:http://www.us-cert.gov/cas/techalerts/TA13-015A.html

US-CERT Technical Alert: TA13-008A

Name: TA13-008A

Hyperlink:http://www.us-cert.gov/cas/techalerts/TA13-008A.html

US-CERT Vulnerability Note: VU#154201

Name: VU#154201

Hyperlink:http://www.kb.cert.org/vuls/id/154201

External Source: MISC

Name: https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/browser/ie_cbutton_uaf.rb

Hyperlink:https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/browser/ie_cbutton_uaf.rb

External Source: MS

Name: MS13-008

Hyperlink:http://technet.microsoft.com/security/bulletin/MS13-008

External Source: CONFIRM

Name: http://technet.microsoft.com/security/advisory/2794220

Type: Advisory

Hyperlink:http://technet.microsoft.com/security/advisory/2794220

External Source: MISC

Name: http://packetstormsecurity.com/files/119168/Microsoft-Internet-Explorer-CDwnBindInfo-Object-Use-After-Free.html

Hyperlink:http://packetstormsecurity.com/files/119168/Microsoft-Internet-Explorer-CDwnBindInfo-Object-Use-After-Free.html

External Source: MISC

Name: http://labs.alienvault.com/labs/index.php/2012/just-another-water-hole-campaign-using-an-internet-explorer-0day/

Hyperlink:http://labs.alienvault.com/labs/index.php/2012/just-another-water-hole-campaign-using-an-internet-explorer-0day/

External Source: MISC

Name: http://eromang.zataz.com/2012/12/29/attack-and-ie-0day-informations-used-against-council-on-foreign-relations/

Hyperlink:http://eromang.zataz.com/2012/12/29/attack-and-ie-0day-informations-used-against-council-on-foreign-relations/

External Source: CONFIRM

Name: http://blogs.technet.com/b/srd/archive/2012/12/31/microsoft-quot-fix-it-quot-available-for-internet-explorer-6-7-and-8.aspx

Hyperlink:http://blogs.technet.com/b/srd/archive/2012/12/31/microsoft-quot-fix-it-quot-available-for-internet-explorer-6-7-and-8.aspx

External Source: CONFIRM

Name: http://blogs.technet.com/b/srd/archive/2012/12/29/new-vulnerability-affecting-internet-explorer-8-users.aspx

Hyperlink:http://blogs.technet.com/b/srd/archive/2012/12/29/new-vulnerability-affecting-internet-explorer-8-users.aspx

External Source: MISC

Name: http://blog.fireeye.com/research/2012/12/council-foreign-relations-water-hole-attack-details.html

Hyperlink:http://blog.fireeye.com/research/2012/12/council-foreign-relations-water-hole-attack-details.html