CVE-2012-0169 — Code Injection in Microsoft Internet Explorer

CWE-94 — Code Injection4 documents3 sources

Severity

9.3CRITICALNVD

EPSS

49.5%

top 2.20%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Internet Explorer

Timeline

PublishedApr 10

Latest updateMay 4

Description

Microsoft Internet Explorer 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "JScript9 Remote Code Execution Vulnerability."

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages1 packages

▶NVDmicrosoft/internet_explorer9

Patches

Patch: docs.microsoft.com ↗Patch: docs.microsoft.com ↗

🔴Vulnerability Details

GHSA

GHSA-fg43-whhq-ff6j: Microsoft Internet Explorer 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a delet↗2022-05-04

▶

💬Community

Bugzilla

CVE-2013-0169 CVE-2013-0169 CVE-2012-4929 mingw-openssl various flaws [fedora-all]↗2013-03-12

▶

Bugzilla

CVE-2013-0169 CVE-2012-4929 mingw32-openssl various flaws [epel-5]↗2013-03-12

▶