CVE-2012-4969

Confirmed PUBLISHED

Use-after-free vulnerability in the CMshtmlEd::Exec function in mshtml.dll in Microsoft Internet Explorer 6 through 9 allows remote attackers to...

Microsoft · Internet Explorer
Exploited in the wild PoC available

Recommended Action

Prioritize remediation. Validate affected assets and apply vendor fixes on an accelerated timeline.

Confidence
Confirmed
Exploitation Status
Exploited in the wild
Observed in Sensors
No
Attempts (30d)
Unique Attacker IPs
CISA KEV
In CISA KEV
CVSS / EPSS
8.1 High

At a Glance

Use-after-free vulnerability in the CMshtmlEd::Exec function in mshtml.dll in Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code via a crafted web site, as exploited in the wild in September 2012.

metasploit cisa
CVE Published
Sep 18, 2012
Exploitation Reported
Jun 08, 2022
CVSS
8.1 High
EPSS
Remote No user interaction Unauthenticated

Affected Versions

Vendor Product Version Status
n/a
n/a

n/a

Affected

CVE References

  • TA12-265A us-cert.gov · Third-Party Advisory http://www.us-cert.gov/cas/techalerts/TA12-265A.html
  • VU#480095 kb.cert.org · Third-Party Advisory http://www.kb.cert.org/vuls/id/480095
  • TA12-262A us-cert.gov · Third-Party Advisory http://www.us-cert.gov/cas/techalerts/TA12-262A.html
  • TA12-255A us-cert.gov · Third-Party Advisory http://www.us-cert.gov/cas/techalerts/TA12-255A.html
  • oval:org.mitre.oval:def:15729 oval.cisecurity.org · VDB Entry https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.m...
Show 6 more references

Recommended Actions

  • Prioritize remediation. Validate affected assets and apply vendor fixes on an accelerated timeline.
  • Check enrichment artifacts for scanner coverage and available PoCs before rolling remediation validation.
  • Use the Pro API to automate enrichment, telemetry, and workflow delivery for VM, SOC, and CTI pipelines.