CVE-2012-0011

Summary

CVE	CVE-2012-0011
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2012-02-14 22:55:00 UTC
Updated	2022-03-01 16:28:00 UTC
Description	Microsoft Internet Explorer 7 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "HTML Layout Remote Code Execution Vulnerability."

Risk And Classification

Problem Types: CWE-94

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Application	Microsoft	Ie	7	All	All	All
Application	Microsoft	Ie	8	All	All	All
Application	Microsoft	Ie	9	All	All	All
Application	Microsoft	Ie	7	All	All	All
Application	Microsoft	Ie	8	All	All	All
Application	Microsoft	Ie	9	All	All	All
Application	Microsoft	Internet Explorer	7	All	All	All
Application	Microsoft	Internet Explorer	8	All	All	All
Application	Microsoft	Internet Explorer	9	All	All	All
Operating System	Microsoft	Windows 7	All	All	x64	All
Operating System	Microsoft	Windows 7	All	All	x86	All
Operating System	Microsoft	Windows 7	All	sp1	x64	All
Operating System	Microsoft	Windows 7	All	sp1	x86	All
Operating System	Microsoft	Windows 7	-	All	All	All
Operating System	Microsoft	Windows 7	-	sp1	All	All
Operating System	Microsoft	Windows 7	All	All	x64	All
Operating System	Microsoft	Windows 7	All	All	x86	All
Operating System	Microsoft	Windows 7	All	sp1	x64	All
Operating System	Microsoft	Windows 7	All	sp1	x86	All
Operating System	Microsoft	Windows Server 2003	All	sp2	All	All
Operating System	Microsoft	Windows Server 2003	-	sp2	All	All
Operating System	Microsoft	Windows Server 2003	All	sp2	All	All
Operating System	Microsoft	Windows Server 2008	All	sp2	itanium	All
Operating System	Microsoft	Windows Server 2008	All	sp2	x64	All
Operating System	Microsoft	Windows Server 2008	All	sp2	x86	All
Operating System	Microsoft	Windows Server 2008	-	sp2	All	All
Operating System	Microsoft	Windows Server 2008	r2	All	All	All
Operating System	Microsoft	Windows Server 2008	r2	All	itanium	All
Operating System	Microsoft	Windows Server 2008	r2	All	x64	All
Operating System	Microsoft	Windows Server 2008	r2	sp1	All	All
Operating System	Microsoft	Windows Server 2008	All	sp2	itanium	All
Operating System	Microsoft	Windows Server 2008	All	sp2	x64	All
Operating System	Microsoft	Windows Server 2008	All	sp2	x86	All
Operating System	Microsoft	Windows Server 2008	r2	All	itanium	All
Operating System	Microsoft	Windows Server 2008	r2	All	x64	All
Operating System	Microsoft	Windows Vista	All	sp2	All	All
Operating System	Microsoft	Windows Vista	All	sp2	x64	All
Operating System	Microsoft	Windows Vista	-	sp2	All	All
Operating System	Microsoft	Windows Vista	All	sp2	All	All
Operating System	Microsoft	Windows Vista	All	sp2	x64	All
Operating System	Microsoft	Windows Xp	All	sp3	All	All
Operating System	Microsoft	Windows Xp	-	sp2	All	All
Operating System	Microsoft	Windows Xp	-	sp2	x64	All
Operating System	Microsoft	Windows Xp	-	sp3	All	All
Operating System	Microsoft	Windows Xp	All	sp3	All	All
Operating System	Microsoft	Windows Xp	-	sp2	x64	All

References

Reference	Source	Link	Tags
Repository / Oval Repository	OVAL	oval.cisecurity.org
US-CERT Alert TA12-045A - Microsoft Updates for Multiple Vulnerabilities	CERT	www.us-cert.gov	Third Party Advisory, US Government Resource
Microsoft Security Bulletin MS12-010 - Critical \| Microsoft Docs	MS	docs.microsoft.com
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

There are currently no legacy QID mappings associated with this CVE.