CVE-2012-1522
https://notcve.org/view.php?id=CVE-2012-1522
Microsoft Internet Explorer 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Cached Object Remote Code Execution Vulnerability." Microsoft Internet Explorer 9 no trata correctamente los objetos en memoria, permitiendo a atacantes remotos ejecutar código arbitrario mediante el acceso a un objeto eliminado, también conocido como "Cached Object Remote Code Execution Vulnerability. • http://www.us-cert.gov/cas/techalerts/TA12-192A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-044 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15464 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2012-1524
https://notcve.org/view.php?id=CVE-2012-1524
Microsoft Internet Explorer 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Attribute Remove Remote Code Execution Vulnerability." Microsoft Internet Explorer 9 no trata correctamente los objetos en memoria, permitiendo a atacantes remotos ejecutar código arbitrario mediante el acceso a un objeto eliminado, también conocido como vulnerabilidad "Attribute Remove Remote Code Execution Vulnerability." • http://www.us-cert.gov/cas/techalerts/TA12-192A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-044 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15595 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2012-1874
https://notcve.org/view.php?id=CVE-2012-1874
Microsoft Internet Explorer 8 and 9 does not properly handle objects in memory, which allows user-assisted remote attackers to execute arbitrary code by accessing a deleted object, aka "Developer Toolbar Remote Code Execution Vulnerability." Microsoft Internet Explorer v8 y v9 no gestionan de forma correcta objetos en memoria, lo que permite a atacantes remotos asistidos por usuarios locales ejecutar código intentando acceder a un objeto eliminado, también conocido como "Developer Toolbar Remote Code Execution Vulnerability." • http://www.us-cert.gov/cas/techalerts/TA12-164A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-037 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15425 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2012-1878 – Microsoft Internet Explorer OnBeforeDeactivate Event Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2012-1878
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "OnBeforeDeactivate Event Remote Code Execution Vulnerability." Microsoft Internet Explorer v6 hasta v9 no gestionan de forma correcta objetos en memoria, lo que permite a atacantes remotos ejecutar código accediendo a un objeto eliminado, también conocido como "OnBeforeDeactivate Event Remote Code Execution Vulnerability." This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Internet Explorer handles the onbeforedeactivate callback function for certain elements. During the execution of the onbeforedeactivate callback function it is possible to alter the DOM tree of the page which can lead to a use-after-free vulnerability when the function returns. • http://www.us-cert.gov/cas/techalerts/TA12-164A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-037 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15632 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2012-1879 – Microsoft Internet Explorer insertAdjacentText Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2012-1879
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by attempting to access an undefined memory location, aka "insertAdjacentText Remote Code Execution Vulnerability." Microsoft Internet Explorer v6 hasta v9 no gestionan de forma correcta objetos en memoria, lo que permite a atacantes remotos ejecutar código intentado acceder a una posición de memoria no definida, también conocida como "OnRowsInserted Event Remote Code Execution Vulnerability." This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Internet Explorer handles repeated calls to insertAdjacentText. When the size of the element reaches a certain threshold Internet Explorer fails to correctly relocate key elements. • http://www.us-cert.gov/cas/techalerts/TA12-164A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-037 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15588 • CWE-94: Improper Control of Generation of Code ('Code Injection') •