⚠ Actively exploited
Added to CISA KEV on 2024-07-23. Federal agencies required to patch by 2024-08-13. Required action: The impacted product is end-of-life and should be disconnected if still in use..

CVE-2012-4792Use After Free in Microsoft Internet Explorer

CWE-416Use After Free20 documents13 sources
Severity
8.8HIGHNVD
EPSS
91.4%
top 0.33%
CISA KEV
KEV
Added 2024-07-23
Due 2024-08-13
Exploit
Exploited in wild
Active exploitation observed
Affected products
1
Microsoft Internet Explorer
Timeline
PublishedDec 30
KEV addedJul 23
KEV dueAug 13
Latest updateFeb 12
CISA Required Action: The impacted product is end-of-life and should be disconnected if still in use.

Description

Use-after-free vulnerability in Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to an object that (1) was not properly allocated or (2) is deleted, as demonstrated by a CDwnBindInfo object, and exploited in the wild in December 2012.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages1 packages

Patches

Patch: technet.microsoft.comPatch: docs.microsoft.comPatch: technet.microsoft.com

🔴Vulnerability Details

2
GHSA
GHSA-c5c8-vqpp-hm75: Use-after-free vulnerability in Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code via a crafted web site that2022-05-13
VulnCheck
Microsoft Internet Explorer Use-After-Free Vulnerability2012

💥Exploits & PoCs

3
Exploit-DB
Microsoft Internet Explorer - CButton Object Use-After-Free (Metasploit)2013-01-02
Exploit-DB
Microsoft Internet Explorer - CDwnBindInfo Object Use-After-Free (Metasploit)2012-12-31
Metasploit
MS13-008 Microsoft Internet Explorer CButton Object Use-After-Free Vulnerability

🔍Detection Rules

1
Suricata
ET MALWARE CFR DRIVEBY CVE-2012-4792 DNS Query for C2 domain2012-12-30

📋Vendor Advisories

1
CISA
Microsoft Internet Explorer Use-After-Free Vulnerability2024-07-23

🕵️Threat Intelligence

8
Qualys
US-CERT: Top 30 Vulnerabilities | Qualys2015-05-01
Qualys
US-CERT: Top 30 Vulnerabilities | Qualys2015-05-01
Talos
Threat Spotlight: Group 722014-10-14
Talos
Threat Spotlight: Group 722014-10-14
Trailofbits
Writing Exploits with the Elderwood Kit (Part 2)2013-05-20

📄Research Papers

4
arXiv
Investigation of Advanced Persistent Threats Network-based Tactics, Techniques and Procedures2025-02-12
arXiv
SOK: On the Analysis of Web Browser Security2021-12-31
arXiv
Rethinking Misalignment to Raise the Bar for Heap Pointer Corruption2018-08-08
arXiv
Unsupervised Anomaly-based Malware Detection using Hardware Features2014-03-28
CVE-2012-4792 — Use After Free in Microsoft | cvebase