JavaScript Integer Overflow Remote Code Execution Vulnerability (CVE-2012-2523)
Gravité: : Critique
Identifiant(s) CVE: : 2012-2523,MS12-056
Date du conseil: 21 juillet 2015
Description
Integer overflow in Microsoft Internet Explorer 8 and 9, JScript 5.8, and VBScript 5.8 on 64-bit platforms allows remote attackers to execute arbitrary code by leveraging an incorrect size calculation during object copying, aka "JavaScript Integer Overflow Remote Code Execution Vulnerability."
Information Exposure Rating:
Apply associated Trend Micro DPI Rules.
Solutions
Trend Micro Deep Security DPI Rule Number: 1005134
Trend Micro Deep Security DPI Rule Name: 1005134 - Internet Explorer JavaScript Integer Overflow Remote Code Execution Vulnerability (CVE-2012-2523)
Affected software and version:
- microsoft internet_explorer 8
- microsoft internet_explorer 9
- microsoft jscript 5.8
- microsoft vbscript 5.8