CVE-2012-1879

Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by attempting to access an undefined memory location, aka "insertAdjacentText Remote Code Execution Vulnerability."
Code Injection
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
8.1 HIGH
NETWORK
HIGH
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
microsoftCNA
---
---
CVEADP
---
---
CISA-ADPADP
8.1 HIGH
NETWORK
HIGH
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 96%
Common Weakness Enumeration
References
http://www.us-cert.gov/cas/techalerts/TA12-164A.html
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-037
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15588
http://www.us-cert.gov/cas/techalerts/TA12-164A.html
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-037
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15588