Microsoft Internet Explorer CFormElement Use-After-Free Remote Code Execution Vulnerability

Bugtraq ID: 56420
Class: Unknown
CVE: CVE-2012-1538
Remote: Yes
Local: No
Published: Nov 13 2012 12:00AM
Updated: Nov 20 2012 11:50AM
Credit: Jose A. Vazquez of spa-s3c.blogspot.com, working with VeriSign iDefense Labs
Vulnerable: Microsoft Internet Explorer 9
+ Microsoft Windows 7
+ Microsoft Windows 7 for 32-bit Systems SP1
+ Microsoft Windows 7 for 32-bit Systems 0
+ Microsoft Windows 7 for x64-based Systems SP1
+ Microsoft Windows 7 for x64-based Systems 0
+ Microsoft Windows 7 Home Premium - Sp1 X64
+ Microsoft Windows 7 Home Premium - Sp1 X32
+ Microsoft Windows Server 2008 R2
+ Microsoft Windows Server 2008 for 32-bit Systems SP2
+ Microsoft Windows Server 2008 for 32-bit Systems 0
+ Microsoft Windows Server 2008 for x64-based Systems SP2
+ Microsoft Windows Server 2008 for x64-based Systems 0
+ Microsoft Windows Server 2008 R2 for x64-based Systems SP1
+ Microsoft Windows Vista SP2
+ Microsoft Windows Vista SP1
+ Microsoft Windows Vista x64 Edition SP2
+ Microsoft Windows Vista x64 Edition SP1
+ Microsoft Windows Vista x64 Edition 0
Avaya Aura Conferencing 6.0 SP1 Standard
Not Vulnerable:


 

Privacy Statement
Copyright 2010, SecurityFocus