CMshtmlEd::Exec Use-After-Free Vulnerability in Internet Explorer 6-9

CMshtmlEd::Exec Use-After-Free Vulnerability in Internet Explorer 6-9

CVE-2012-4969 · HIGH Severity

AV:N/AC:M/AU:N/C:C/I:C/A:C

Use-after-free vulnerability in the CMshtmlEd::Exec function in mshtml.dll in Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code via a crafted web site, as exploited in the wild in September 2012.

Learn more about our Web App Pen Testing.