Integer Overflow Vulnerability in Microsoft Internet Explorer 8 and 9
CVE-2012-2523

Currently unrated

Key Information:

Vendor: Microsoft
Status: Internet Explorer; Jscript; Vbscript
Vendor: CVE Published:; 15 August 2012

What is CVE-2012-2523?

The vulnerability involves an integer overflow issue in Microsoft Internet Explorer 8 and 9, affecting JScript 5.8 and VBScript 5.8 on 64-bit systems. This flaw allows remote attackers to exploit an erroneous size calculation during object copying, potentially enabling them to execute arbitrary code. Timely updates and mitigations are essential to protect against this security threat.

References

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

http://www.us-cert.gov/cas/techalerts/TA12-227A.html

third-party-advisoryx_refsource_CERT

EPSS Score

64% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 15, 2012
Vulnerability Reserved
May 9, 2012