01642 06 11 11 Arrange Call

CMshtmlEd::Exec Use-After-Free Vulnerability in Internet Explorer 6-9

CVE-2012-4969 · HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CVE-2012-4969

Use-after-free vulnerability in the CMshtmlEd::Exec function in mshtml.dll in Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code via a crafted web site, as exploited in the wild in September 2012.

Learn more about our Web App Pen Testing.