Vulnerability Manager Plus

Cumulative Security Update for Internet Explorer for Windows Server 2003 x64 Edition (KB2744842)

Risk Information

Base Score

8.1

MODERATE

Vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Score

Exploitation Probability

91.84%

CVE Information

Source CVE
CVE-2012-4969

Associated CVE
CVE-2012-4969
CVE-2012-1529
CVE-2012-2546
CVE-2012-2548
CVE-2012-2557

Patch Details

Patch associated with this vulnerability is supported by ManageEngine.

Patch ID
12419

Patch Description
Cumulative Security Update for Internet Explorer for Windows Server 2003 x64 Edition (KB2744842)

References

http://blog.vulnhunt.com/index.php/2012/09/17/ie-execcommand-fuction-use-after-free-vulnerability-0day_en/
http://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/windows/browser/ie_execcommand_uaf.rb
http://eromang.zataz.com/2012/09/16/zero-day-season-is-really-not-over-yet/
http://technet.microsoft.com/security/advisory/2757760
http://technet.microsoft.com/security/bulletin/MS12-063
http://www.kb.cert.org/vuls/id/480095
http://www.securityfocus.com/bid/55641
http://www.securityfocus.com/bid/55645
http://www.securityfocus.com/bid/55646
http://www.securityfocus.com/bid/55647
http://www.securitytracker.com/id?1027538
http://www.securitytracker.com/id?1027555
http://www.securityweek.com/new-internet-explorer-zero-day-being-exploited-wild
http://www.us-cert.gov/cas/techalerts/TA12-255A.html
http://www.us-cert.gov/cas/techalerts/TA12-262A.html
http://www.us-cert.gov/cas/techalerts/TA12-265A.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/78756
https://exchange.xforce.ibmcloud.com/vulnerabilities/78757