CRITICAL✓ PATCH🇬🇧 English

CVE-2012-4787

CVSS 9.0v3.1pub. 2012-12-12upd. 2026-04-29

Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to an object that (1) was not properly initialized or (2) is deleted, aka "Improper Ref Counting Use After Free Vulnerability."

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
  • Microsoft Internet Explorer

    APP
    Microsoft
    109
  • Microsoft Windows 7

    OS
    Microsoft
    wszystkie wersje
  • Microsoft Windows 8

    OS
    Microsoft
    wszystkie wersje
  • Microsoft Windows Rt

    OS
    Microsoft
    wszystkie wersje
  • Microsoft Windows Server 2008

    OS
    Microsoft
    wszystkie wersje
  • Microsoft Windows Server 2012

    OS
    Microsoft
    wszystkie wersje
  • Microsoft Windows Vista

    OS
    Microsoft
    wszystkie wersje
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
Tagi
RCEMemory
CWE
Referencje

Powiązane podatności

CVE-2025-59287CRITICAL9.8⚠ KEVPL ✓ten sam produkt

RCE w Windows Server Update Service (WSUS) — deserializacja danych

CVE-2020-1040CRITICAL9.0⚠ KEVten sam produkt

A remote code execution vulnerability exists when Hyper-V RemoteFX vGPU on a host server fails to properly val...

CVE-2020-1350CRITICAL10.0⚠ KEVten sam produkt

A remote code execution vulnerability exists in Windows Domain Name System servers when they fail to properly ...

CVE-2020-0646CRITICAL9.8⚠ KEVten sam produkt

A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properl...

CVE-2019-0708CRITICAL9.8⚠ KEVten sam produkt

A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services wh...

CVE-2012-4787 — CRITICAL 9.0 | CVEbaza.pl