Buffer overflow in Microsoft Internet_explorer

CVE-2012-1526

Microsoft Internet Explorer 6 and 7 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not initialized or (2) is deleted, aka "Layout Memory Corruption Vu…

Vulnerability class: Buffer Overflow

EPSS: 0.532 (98.0th percentile) — read the EPSS interpretation.

Affected products

Microsoft Internet_explorer — versions 6, 7
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

References

MS12-052 (x_refsource_MS, vendor-advisory)
oval:org.mitre.oval:def:15240 (x_refsource_OVAL, signature, vdb-entry)
TA12-227A (US Government Resource, x_refsource_CERT, third-party-advisory)