CVE-2012-0011
published 2012-02-14CVE-2012-0011: Microsoft Internet Explorer 7 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a…
PriorityP353critical9.3CVSS 2.0
AVNACMAuNCCICAC
EPSS
27.42%
97.8th percentile
Microsoft Internet Explorer 7 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "HTML Layout Remote Code Execution Vulnerability."
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | internet_explorer | — | — |
| microsoft | internet_explorer | — | — |
| microsoft | internet_explorer | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-qj5r-3869-vwvv: Microsoft Internet Explorer 7 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessi
ghsa_unreviewed·2022-05-04
CVE-2012-0011 [HIGH] CWE-94 GHSA-qj5r-3869-vwvv: Microsoft Internet Explorer 7 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessi
Microsoft Internet Explorer 7 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "HTML Layout Remote Code Execution Vulnerability."
VMware
VMware hosted products and ESXi and ESX patches address security issues
vendor_vmware·2012-06-14·CVSS 9.3
CVE-2012-3288 [CRITICAL] VMware hosted products and ESXi and ESX patches address security issues
VMSA-2012-0011: VMware hosted products and ESXi and ESX patches address security issues
Input data is not properly validated when loading Checkpoint files. This may allow an attacker with the ability to load a specially crafted Checkpoint file to execute arbitrary code on the host.
CVEs: CVE-2012-3288, CVE-2012-3289
Affected products: ESXi, VMware Fusion, VMware Tools, VMware Workstation
No detection rules found.
No public exploits indexed.
http://www.us-cert.gov/cas/techalerts/TA12-045A.htmlhttps://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-010https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14310http://www.us-cert.gov/cas/techalerts/TA12-045A.htmlhttps://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-010https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14310
2012-02-14
Published