Remote Code Execution Vulnerability in Microsoft Internet Explorer 6-8

Remote Code Execution Vulnerability in Microsoft Internet Explorer 6-8

CVE-2012-4792 · HIGH Severity

AV:N/AC:M/AU:N/C:C/I:C/A:C

Use-after-free vulnerability in Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to an object that (1) was not properly allocated or (2) is deleted, as demonstrated by a CDwnBindInfo object, and exploited in the wild in December 2012.

Learn more about our Cis Benchmark Audit For Bind.