CVE-2012-4792

Related Files

Technical Cyber Security Alert 2013-015A

Posted Jan 16, 2013

Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert 2013-15A - Microsoft has released Security Bulletin MS13-008 to address the CButton use-after-free vulnerability.

tags | advisory

advisories | CVE-2012-4792

SHA-256 | 34df98e543f98f91b2b22e03ffe83deca1c82890b5a4134ea8a14d78e4fc23c8

Download | Favorite | View

Microsoft Internet Explorer CButton Object Use-After-Free

Posted Jan 2, 2013

Authored by Eric Romang, sinn3r, juan vazquez, mahmud ab rahman | Site metasploit.com

This Metasploit module exploits a vulnerability found in Microsoft Internet Explorer. A use-after-free condition occurs when a CButton object is freed, but a reference is kept and used again during a page reload, an invalid memory that's controllable is used, and allows arbitrary code execution under the context of the user. Please note: This vulnerability has been exploited in the wild targeting mainly China/Taiwan/and US-based computers.

tags | exploit, arbitrary, code execution

advisories | CVE-2012-4792

SHA-256 | 533129f761cf4d8924232d6abdcf16e58a9823d5ff768d51fa0cc0628e64d91b

Download | Favorite | View

Microsoft Internet Explorer CDwnBindInfo Object Use-After-Free

Posted Dec 31, 2012

Authored by Eric Romang, sinn3r, juan vazquez, mahmud ab rahman | Site metasploit.com

This Metasploit module exploits a vulnerability found in Microsoft Internet Explorer. A use-after-free condition occurs when a CButton object is freed, but a reference is kept and used again during a page reload, an invalid memory that's controllable is used, and allows arbitrary code execution under the context of the user. Please note: This vulnerability has been exploited in the wild targeting mainly China/Taiwan/and US-based computers.

tags | exploit, arbitrary, code execution

advisories | CVE-2012-4792

SHA-256 | e321b503a83791aeb063c8940adcdb875c9201669df143b59807fe08c4b13986

Download | Favorite | View