Categories: US-Cert-Repository

Microsoft Internet Explorer 8 use-after-free Vulnerability

Original release date: January 07, 2011 | Last revised: October 23, 2012

US-CERT is aware of a vulnerability affecting Microsoft Internet Explorer 8. This vulnerability is due to improper handling of circular memory references. Exploitation of this vulnerability may allow an attacker to execute arbitrary code in the context of the user or cause a denial-of-service condition.

At this time, the vendor has not released a fix or a workaround to address this vulnerability. Users and administrators are encouraged to consider implementing the mitigations provided in Microsoft’s Enhanced Mitigation Experience Toolkit (EMET). These mitigations will not rectify the vulnerability but will make exploitation of the vulnerability more difficult.

Additional information can be found in US-CERT Vulnerability Note VU#427980. US-CERT will provide updates as further details become available.

This product is provided subject to this Notification and this Privacy & Use policy.

admin

Share
Published by
admin

Recent Posts

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on…

7 days ago

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on…

2 weeks ago

CISA Adds Four Known Exploited Vulnerabilities to Catalog

CISA has added four new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on…

2 weeks ago

CISA Urges Hardening Fortinet Devices After Reports of Credential Exposure

CISA is aware of global reports that malicious cyber actors have targeted internet-accessible Fortinet devices…

2 weeks ago

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on…

3 weeks ago

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on…

3 weeks ago

This website uses cookies.