CVE-2012-4792 — Microsoft Internet Explorer Use-After-Free Vulnerability
2024-07-23 • CISA Known Exploited Vulnerability
[event] Microsoft Internet Explorer contains a use-after-free vulnerability that allows a remote attacker to execute arbitrary code via a crafted web site that triggers access to an object that (1) was not properly allocated or (2) is deleted, as demonstrated by a CDwnBindInfo object.
> AFFECTED SOFTWARE
| Field | Value |
|---|---|
| Vendor | Microsoft |
| Product | Internet Explorer |
| CWE | CWE-416 |
| CVE ID | CVE-2012-4792 |
| Date Added | 2024-07-23 |
| Due Date | 2024-08-13 |
| Ransomware Campaign | Unknown |
> MITIGATION
The impacted product is end-of-life and should be disconnected if still in use.
Due Date: 2024-08-13