CVE-2012-0171
published 2012-04-10CVE-2012-0171: Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a…
PriorityP354critical9.3CVSS 2.0
AVNACMAuNCCICAC
EPSS
27.06%
97.8th percentile
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "SelectAll Remote Code Execution Vulnerability."
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | internet_explorer | — | — |
| microsoft | internet_explorer | — | — |
| microsoft | internet_explorer | — | — |
| microsoft | internet_explorer | — | — |
CVSS provenance
nvdv2.09.3CRITICALAV:N/AC:M/Au:N/C:C/I:C/A:C
vendor_redhat5.0MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-hr6f-h6mw-2p3m: Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessi
ghsa_unreviewed·2022-05-04
CVE-2012-0171 [HIGH] CWE-94 GHSA-hr6f-h6mw-2p3m: Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessi
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "SelectAll Remote Code Execution Vulnerability."
Red Hat
boost regular expression memory corruption flaws
vendor_redhat·2008-01-11·CVSS 5.0
CVE-2008-0171 [MEDIUM] boost regular expression memory corruption flaws
boost regular expression memory corruption flaws
regex/v4/perl_matcher_non_recursive.hpp in the Boost regex library (aka Boost.Regex) in Boost 1.33 and 1.34 allows context-dependent attackers to cause a denial of service (failed assertion and crash) via an invalid regular expression.
Statement: This issue did not affect the version of boost as shipped with Red Hat Enterprise Linux 4 and 6. This issue was addressed in boost packages in Red Hat Enterprise Linux 5 via RHSA-2012:0305.
No detection rules found.
No public exploits indexed.
http://www.securitytracker.com/id?1026901http://www.us-cert.gov/cas/techalerts/TA12-101A.htmlhttps://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-023https://exchange.xforce.ibmcloud.com/vulnerabilities/74382https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15313http://www.securitytracker.com/id?1026901http://www.us-cert.gov/cas/techalerts/TA12-101A.htmlhttps://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-023https://exchange.xforce.ibmcloud.com/vulnerabilities/74382https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15313
2012-04-10
Published