Microsoft Internet Explorer Multiple Vulnerabilities

Posted on Tuesday, August 14, 2012 @ 20:22:08 PDT in Security
by Raven

SECUNIA ADVISORY ID: SA50237

VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/50237/

RELEASE DATE: 2012-08-14

CRITICALITY: Highly Critical

DESCRIPTION: Four vulnerabilities have been reported in Internet Explorer, which can be exploited by malicious people to compromise a user's system. Successful exploitation of the vulnerabilities allows execution of arbitrary code.

1) An error in the layout handling when accessing an improperly initialised or deleted object can be exploited to corrupt memory.
2) A use-after-free error when asynchronously accessing NULL objects can be exploited to dereference an already deleted object.
3) An error may cause a corrupted virtual function table that has already been deleted to be accessed.
4) An integer overflow error in the JavaScript parsing when calculating the size of an object in memory during a copy operation can be exploited to corrupt memory.

SOLUTION: Apply patches.

PROVIDED AND/OR DISCOVERED BY: The vendor credits:
1) GWSlabs via iDefense VCP.
2) Derek Soeder via SecuriTeam Secure Disclosure.
3) Sing-ting Tsai and Ming-Chieh Pan, Trend Micro.
4) Cris Neckar, Google Chrome Security Team.

ORIGINAL ADVISORY: MS12-052 (KB2722913): http://technet.microsoft.com/en-us/security/bulletin/MS12-052
 
 
click Related        click Share
 
 
Associated Topics

Internet


Microsoft
 
News ©

Site Info v2.2.2

Last SeenLast Seen
Server TrafficServer Traffic
  • Total: 339,150,718
  • Today: 30,858
Server InfoServer Info
  • Oct 21, 2017
  • 09:02 am PDT
 
 

Daily Inspiration