Vulnerability Manager Plus

Cumulative Security Update for Internet Explorer 8 for Windows XP x64 Edition (KB2744842)

Risk Information

Base Score

8.1

MODERATE

Vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Score

Exploitation Probability

91.84%

CVE Information

Source CVE
CVE-2012-4969

Associated CVE
CVE-2012-4969
CVE-2012-1529
CVE-2012-2546
CVE-2012-2548
CVE-2012-2557

Patch Details

Patch associated with this vulnerability is supported by ManageEngine.

Patch ID
12434

Patch Description
Cumulative Security Update for Internet Explorer 8 for Windows XP x64 Edition (KB2744842)

References

http://blog.vulnhunt.com/index.php/2012/09/17/ie-execcommand-fuction-use-after-free-vulnerability-0day_en/
http://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/windows/browser/ie_execcommand_uaf.rb
http://eromang.zataz.com/2012/09/16/zero-day-season-is-really-not-over-yet/
http://technet.microsoft.com/security/advisory/2757760
http://technet.microsoft.com/security/bulletin/MS12-063
http://www.kb.cert.org/vuls/id/480095
http://www.securityfocus.com/bid/55641
http://www.securityfocus.com/bid/55645
http://www.securityfocus.com/bid/55646
http://www.securityfocus.com/bid/55647
http://www.securitytracker.com/id?1027538
http://www.securitytracker.com/id?1027555
http://www.securityweek.com/new-internet-explorer-zero-day-being-exploited-wild
http://www.us-cert.gov/cas/techalerts/TA12-255A.html
http://www.us-cert.gov/cas/techalerts/TA12-262A.html
http://www.us-cert.gov/cas/techalerts/TA12-265A.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/78756
https://exchange.xforce.ibmcloud.com/vulnerabilities/78757