Unknown
Microsoft Internet Explorer execCommand Use-After-Free
CVE ID
AttackerKB requires a CVE ID in order to pull vulnerability data and references from the CVE list and the National Vulnerability Database. If available, please supply below:
Add References:
Unknown
(1 user assessed)Unknown
(1 user assessed)Unknown
Unknown
Unknown
Microsoft Internet Explorer execCommand Use-After-Free
MITRE ATT&CK
Collection
Command and Control
Credential Access
Defense Evasion
Discovery
Execution
Exfiltration
Impact
Initial Access
Lateral Movement
Persistence
Privilege Escalation
Topic Tags
Description
Use-after-free vulnerability in the CMshtmlEd::Exec function in mshtml.dll in Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code via a crafted web site, as exploited in the wild in September 2012.
Add Assessment
Technical Analysis
.text:7625B0F2
.text:7625B0F2 loc_7625B0F2: ; CODE XREF: _MemAllocClear(x)+25j
.text:7625B0F2 ; _MemAllocClear(x)+33j …
.text:7625B0F2 push [ebp+dwBytes] ; dwBytes
.text:7625B0F5 push 8 ; dwFlags
.text:7625B0F7 push _g_hProcessHeap ; hHeap
.text:7625B0FD call ds:impHeapAlloc@12 ; HeapAlloc(x,x,x)
.text:7625B103
.text:7625B103 loc_7625B103: ; CODE XREF: _MemAllocClear(x)+71j
.text:7625B103 pop edi
.text:7625B104 pop ebx
.text:7625B105 leave
.text:7625B106 retn 4
.text:7625B106 __MemAllocClear@4 endp
.text:7625B106
”`
Would you also like to delete your Exploited in the Wild Report?
Delete Assessment Only Delete Assessment and Exploited in the Wild ReportGeneral Information
References
Additional Info
Technical Analysis
Report as Exploited in the Wild
CVE ID
AttackerKB requires a CVE ID in order to pull vulnerability data and references from the CVE list and the National Vulnerability Database. If available, please supply below: