Security Lab

Выполнение произвольного кода в Microsoft Internet Explorer

Дата публикации:17.09.2012
Дата изменения:22.09.2012
Всего просмотров:10688
Опасность:
Критическая
Наличие исправления: Да
Количество уязвимостей:1
CVSSv2 рейтинг: 10 (AV:N/AC:L/Au:N/C:C/I:C/A:C/E:H/RL:O/RC:C)
CVE ID: CVE-2012-4969
Вектор эксплуатации: Удаленная
Воздействие: Компрометация системы
CWE ID: Нет данных
Наличие эксплоита: Активная эксплуатация уязвимости
Уязвимые продукты: Microsoft Internet Explorer 7.x
Microsoft Internet Explorer 8.x
Microsoft Internet Explorer 9.x
Microsoft Internet Explorer 6.x
Уязвимые версии: Microsoft Internet Explorer 6.x 7.x, 8.x, 9.x

Описание:
Уязвимость позволяет удаленному пользователю выполнить произвольный код на целевой системе.

Уязвимость существует из-за ошибки использования после освобождения при обарботке "<img>" массивов. Удаленный пользователь может с помощью специально сформированного Web сайта выполнить произвольный код на целевой системе.

Примечание: уязвимость активно эксплуатируется в настоящее время.

URL производителя: www.microsoft.com

Решение: Для устранения уязвимости установите исправление с сайта производителя.

Internet Explorer 6

 

Windows XP Service Pack 3
http://www.microsoft.com/downloads/details.aspx?FamilyID=967c9ef3-db48-4c2f-9a67-87851fd54962

Windows XP Professional x64 Edition Service Pack 2
http://www.microsoft.com/downloads/details.aspx?FamilyID=020b36c6-7050-4458-8762-bae35eb713cd

Windows Server 2003 Service Pack 2
http://www.microsoft.com/downloads/details.aspx?FamilyID=7aaaa15b-87d8-4afc-b183-8ce5becda026

Windows Server 2003 x64 Edition Service Pack 2
http://www.microsoft.com/downloads/details.aspx?FamilyID=366feacb-16ad-455c-b2ad-5038f998c432

Windows Server 2003 with SP2 for Itanium-based Systems
http://www.microsoft.com/downloads/details.aspx?FamilyID=c28d6dc3-c2f0-4505-a545-85b7a0e3e2dc

 

Internet Explorer 7

 

Windows XP Service Pack 3
http://www.microsoft.com/downloads/details.aspx?FamilyID=6ba78d4c-3657-4963-b2da-7a3763c6b5c9

Windows XP Professional x64 Edition Service Pack 2
http://www.microsoft.com/downloads/details.aspx?FamilyID=1e2e412a-be97-407e-9f02-fc074db3bb07

Windows Server 2003 Service Pack 2
http://www.microsoft.com/downloads/details.aspx?FamilyID=aef34ce4-a6ce-4f5e-9892-0a7fbd90c3b4

Windows Server 2003 x64 Edition Service Pack 2
http://www.microsoft.com/downloads/details.aspx?FamilyID=baa47c53-2724-43ef-8590-d3733b47e75b

Windows Server 2003 with SP2 for Itanium-based Systems
http://www.microsoft.com/downloads/details.aspx?FamilyID=86c28695-86a5-4c17-82d6-7f98b3162aa6

Windows Vista Service Pack 2
http://www.microsoft.com/downloads/details.aspx?FamilyID=053546fc-ed41-43c2-b4f2-b76334314f5c

Windows Vista x64 Edition Service Pack 2
http://www.microsoft.com/downloads/details.aspx?FamilyID=cbe5681b-c28e-4a6a-9b97-0bfe44acf077

Windows Server 2008 for 32-bit Systems Service Pack 2
http://www.microsoft.com/downloads/details.aspx?FamilyID=df861b42-bcf2-4f7a-9019-f49e6725f5dc

Windows Server 2008 for x64-based Systems Service Pack 2
http://www.microsoft.com/downloads/details.aspx?FamilyID=fa9878c0-b7e5-43ac-b1eb-679e62cf62fc

Windows Server 2008 for Itanium-based Systems Service Pack 2
http://www.microsoft.com/downloads/details.aspx?FamilyID=ded887a4-a06d-4447-b19d-19d0f4928523

 

Internet Explorer 8

 

Windows XP Service Pack 3
http://www.microsoft.com/downloads/details.aspx?familyid=ac71ffe3-f077-4753-a238-47a2e9623363

Windows XP Professional x64 Edition Service Pack 2
http://www.microsoft.com/downloads/details.aspx?familyid=c727d956-be3e-4cd2-913c-f26cb6c33227

Windows Server 2003 Service Pack 2
http://www.microsoft.com/downloads/details.aspx?familyid=d63e25ad-ab8c-425f-89cd-29cd2b7b69d6

Windows Server 2003 x64 Edition Service Pack 2
http://www.microsoft.com/downloads/details.aspx?familyid=84144e56-f653-4c92-bf49-d44d9ba10489

Windows Vista Service Pack 2
http://www.microsoft.com/downloads/details.aspx?familyid=0a5a446d-0a48-4eec-b424-87339b34a3be

Windows Vista x64 Edition Service Pack 2
http://www.microsoft.com/downloads/details.aspx?familyid=5642136e-68f6-42e8-b48e-1549733c6e7d

Windows Server 2008 for 32-bit Systems Service Pack 2
http://www.microsoft.com/downloads/details.aspx?familyid=1d4f0f25-9539-4c38-babb-4af7f0f4c6cf

Windows Server 2008 for x64-based Systems Service Pack 2
http://www.microsoft.com/downloads/details.aspx?familyid=10bab7d4-0dd8-4fa7-b26c-715a68553707

Windows 7 for 32-bit Systems
http://www.microsoft.com/downloads/details.aspx?familyid=93591461-39ff-4cbd-8df3-88cb80ed6255

Windows 7 for 32-bit Systems Service Pack 1
http://www.microsoft.com/downloads/details.aspx?familyid=93591461-39ff-4cbd-8df3-88cb80ed6255

Windows 7 for x64-based Systems
http://www.microsoft.com/downloads/details.aspx?familyid=e2083388-19a9-4754-9449-1dad2a7f7543

Windows 7 for x64-based Systems Service Pack 1
http://www.microsoft.com/downloads/details.aspx?familyid=e2083388-19a9-4754-9449-1dad2a7f7543

Windows Server 2008 R2 for x64-based Systems
http://www.microsoft.com/downloads/details.aspx?familyid=d46ec8ea-b8c8-42d9-a201-f36eb97b91b8

Windows Server 2008 R2 for x64-based Systems Service Pack 1
http://www.microsoft.com/downloads/details.aspx?familyid=d46ec8ea-b8c8-42d9-a201-f36eb97b91b8

Windows Server 2008 R2 for Itanium-based Systems
http://www.microsoft.com/downloads/details.aspx?familyid=c132173b-f869-47ec-bb70-6307081473fe

Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
http://www.microsoft.com/downloads/details.aspx?familyid=c132173b-f869-47ec-bb70-6307081473fe

 

Internet Explorer 9

Windows Vista Service Pack 2
http://www.microsoft.com/downloads/details.aspx?familyid=daba1ef1-62db-43db-9d5b-495aa2d3550f

Windows Vista x64 Edition Service Pack 2
http://www.microsoft.com/downloads/details.aspx?familyid=aae496ef-fca2-4632-9a8f-2108722d2b28

Windows Server 2008 for 32-bit Systems Service Pack 2
http://www.microsoft.com/downloads/details.aspx?familyid=0b2965d7-e0b2-4035-a9e4-f6badb389098

Windows Server 2008 for x64-based Systems Service Pack 2
http://www.microsoft.com/downloads/details.aspx?familyid=612a94ef-0950-41e8-9875-a8f0e71eba6f

Windows 7 for 32-bit Systems
http://www.microsoft.com/downloads/details.aspx?familyid=b303f86a-df17-4961-b677-0c38bd6a86d3

Windows 7 for 32-bit Systems Service Pack 1
http://www.microsoft.com/downloads/details.aspx?familyid=b303f86a-df17-4961-b677-0c38bd6a86d3

Windows 7 for x64-based Systems
http://www.microsoft.com/downloads/details.aspx?familyid=01045ee2-c7c4-4078-969f-905fd7e8774f

Windows 7 for x64-based Systems Service Pack 1
http://www.microsoft.com/downloads/details.aspx?familyid=01045ee2-c7c4-4078-969f-905fd7e8774f

Windows Server 2008 R2 for x64-based Systems
http://www.microsoft.com/downloads/details.aspx?familyid=c44a0253-fefc-4ce6-9cfd-396fdea71f8d

Windows Server 2008 R2 for x64-based Systems Service Pack 1
http://www.microsoft.com/downloads/details.aspx?familyid=c44a0253-fefc-4ce6-9cfd-396fdea71f8d

Ссылки: Microsoft IE 8 execCommand Use-After-Free Exploit
Vulnerability in Internet Explorer Could Allow Remote Code Execution
Microsoft IE execCommand Use-After-Free Exploit
MS12-063: Cumulative Security Update for Internet Explorer (2744842)

http://eromang.zataz.com/2012/09/16/zero-day-season-is-really-not-over-yet/
http://technet.microsoft.com/en-us/security/advisory/2757760
Журнал изменений: a:2:{s:4:"TEXT";s:584:"17.09.2012
Добавлен PoC код.
18.09.2012
В список уязвимых продуктов добавлен Microsoft Internet Explorer 9.x. Добавлено уведомление производителя.
18.09.2012
Добавлен PoC код для IE9.
19.09.2012
Добавлен CVE ID.
20.09.2012
Внесено изменение в секцию "Решение".
22.09.2012
В список уязвимых продуктов добавлено Microsoft Internet Explorer 6. Добавлена ссылка на уведомление MS12-063. Внесено изменение в секцию "Решение".
22.09.2012
Внесено изменение в секцию "Информация об исправлении".";s:4:"TYPE";s:4:"html";}