U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Vulnerability Change Records for CVE-2012-4969

Change History

Modified Analysis by NIST 11/21/2017 1:13:04 PM

Action Type Old Value New Value
Changed CPE Configuration
AND
     OR
          *cpe:2.3:a:microsoft:internet_explorer:6:*:*:*:*:*:*:*
     OR
          cpe:2.3:o:microsoft:windows_server:2003:sp2:*:*:*:*:*:*
          cpe:2.3:o:microsoft:windows_server:2003:sp2:itanium:*:*:*:*:*
          cpe:2.3:o:microsoft:windows_server:2003:sp2:x64:*:*:*:*:*
          cpe:2.3:o:microsoft:windows_xp:*:sp2:professional_x64:*:*:*:*:*
          cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*
AND
     OR
          *cpe:2.3:a:microsoft:internet_explorer:6:*:*:*:*:*:*:*
     OR
          cpe:2.3:o:microsoft:windows_server:2003:sp2:*:*:*:*:*:*
          cpe:2.3:o:microsoft:windows_server:2003:sp2:*:*:*:*:itanium:*
          cpe:2.3:o:microsoft:windows_server:2003:sp2:*:*:*:*:x64:*
          cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:professional:*:x64:*
          cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*
Changed CPE Configuration
AND
     OR
          *cpe:2.3:a:microsoft:internet_explorer:7:*:*:*:*:*:*:*
     OR
          cpe:2.3:o:microsoft:windows_server:2003:sp2:*:*:*:*:*:*
          cpe:2.3:o:microsoft:windows_server:2003:sp2:itanium:*:*:*:*:*
          cpe:2.3:o:microsoft:windows_server:2003:sp2:x64:*:*:*:*:*
          cpe:2.3:o:microsoft:windows_server:2008:sp2:*:itanium:*:*:*:*
          cpe:2.3:o:microsoft:windows_server:2008:sp2:x32:*:*:*:*:*
          cpe:2.3:o:microsoft:windows_server:2008:sp2:x64:*:*:*:*:*
          cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*
          cpe:2.3:o:microsoft:windows_vista:*:sp2:x64:*:*:*:*:*
          cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*
          cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*
          cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:*
AND
     OR
          *cpe:2.3:a:microsoft:internet_explorer:7:*:*:*:*:*:*:*
     OR
          cpe:2.3:o:microsoft:windows_server:2003:sp2:*:*:*:*:*:*
          cpe:2.3:o:microsoft:windows_server:2003:sp2:*:*:*:*:itanium:*
          cpe:2.3:o:microsoft:windows_server:2003:sp2:*:*:*:*:x64:*
          cpe:2.3:o:microsoft:windows_server:2008:sp2:*:*:*:*:*:*
          cpe:2.3:o:microsoft:windows_server:2008:sp2:*:*:*:*:itanium:*
          cpe:2.3:o:microsoft:windows_server:2008:sp2:*:*:*:*:x64:*
          cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*
          cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:x64:*
          cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*
          cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*
          cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:*:*:x64:*
Changed CPE Configuration
AND
     OR
          *cpe:2.3:a:microsoft:internet_explorer:8:*:*:*:*:*:*:*
     OR
          cpe:2.3:o:microsoft:windows_7:*:*:x64:*:*:*:*:*
          cpe:2.3:o:microsoft:windows_7:*:sp1:x64:*:*:*:*:*
          cpe:2.3:o:microsoft:windows_7:*:x32:*:*:*:*:*:*
          cpe:2.3:o:microsoft:windows_7:-:-:x64:*:*:*:*:*
          cpe:2.3:o:microsoft:windows_7:-:sp1:x64:*:*:*:*:*
          cpe:2.3:o:microsoft:windows_server:2003:sp2:*:*:*:*:*:*
          cpe:2.3:o:microsoft:windows_server:2003:sp2:x64:*:*:*:*:*
          cpe:2.3:o:microsoft:windows_server:2008:sp2:x32:*:*:*:*:*
          cpe:2.3:o:microsoft:windows_server:2008:sp2:x64:*:*:*:*:*
          cpe:2.3:o:microsoft:windows_server_2008:r2:-:itanium:*:*:*:*:*
          cpe:2.3:o:microsoft:windows_server_2008:r2:-:x64:*:*:*:*:*
          cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:itanium:*:*:*:*:*
          cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:x64:*:*:*:*:*
          cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*
          cpe:2.3:o:microsoft:windows_vista:*:sp2:x64:*:*:*:*:*
          cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*
          cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*
          cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:*
AND
     OR
          *cpe:2.3:a:microsoft:internet_explorer:8:*:*:*:*:*:*:*
     OR
          cpe:2.3:o:microsoft:windows_7:*:*:*:*:*:*:x64:*
          cpe:2.3:o:microsoft:windows_7:*:*:x64:*:*:*:*:*
          cpe:2.3:o:microsoft:windows_7:*:sp1:*:*:*:*:x64:*
          cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:x64:*
          cpe:2.3:o:microsoft:windows_server:2003:sp2:*:*:*:*:*:*
          cpe:2.3:o:microsoft:windows_server:2003:sp2:*:*:*:*:x64:*
          cpe:2.3:o:microsoft:windows_server:2008:sp2:*:*:*:*:*:*
          cpe:2.3:o:microsoft:windows_server:2008:sp2:*:*:*:*:x64:*
          cpe:2.3:o:microsoft:windows_server_2008:r2:*:*:*:*:*:itanium:*
          cpe:2.3:o:microsoft:windows_server_2008:r2:*:*:*:*:*:x64:*
          cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:itanium:*
          cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*
          cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*
          cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:x64:*
          cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*
          cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*
          cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:*:*:x64:*
Changed CPE Configuration
AND
     OR
          *cpe:2.3:a:microsoft:internet_explorer:9:*:*:*:*:*:*:*
     OR
          cpe:2.3:o:microsoft:windows_7:*:*:x64:*:*:*:*:*
          cpe:2.3:o:microsoft:windows_7:*:sp1:x64:*:*:*:*:*
          cpe:2.3:o:microsoft:windows_7:*:sp1:x86:*:*:*:*:*
          cpe:2.3:o:microsoft:windows_7:-:-:x32:*:*:*:*:*
          cpe:2.3:o:microsoft:windows_7:-:-:x64:*:*:*:*:*
          cpe:2.3:o:microsoft:windows_7:-:sp1:x64:*:*:*:*:*
          cpe:2.3:o:microsoft:windows_7:-:sp1:x86:*:*:*:*:*
          cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x64:*:*:*:*:*
          cpe:2.3:o:microsoft:windows_server_2008:-:sp2:x32:*:*:*:*:*
          cpe:2.3:o:microsoft:windows_server_2008:r2:-:x64:*:*:*:*:*
          cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:x64:*:*:*:*:*
          cpe:2.3:o:microsoft:windows_vista:*:sp2:x64:*:*:*:*:*
          cpe:2.3:o:microsoft:windows_vista:sp2:*:*:*:*:*:*:*
AND
     OR
          *cpe:2.3:a:microsoft:internet_explorer:9:*:*:*:*:*:*:*
     OR
          cpe:2.3:o:microsoft:windows_7:*:*:*:*:*:*:*:*
          cpe:2.3:o:microsoft:windows_7:*:*:*:*:*:*:x64:*
          cpe:2.3:o:microsoft:windows_7:*:sp1:*:*:*:*:x64:*
          cpe:2.3:o:microsoft:windows_7:*:sp1:*:*:*:*:x86:*
          cpe:2.3:o:microsoft:windows_7:-:-:*:*:*:*:x64:*
          cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:x64:*
          cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:x86:*
          cpe:2.3:o:microsoft:windows_server_2008:*:sp2:*:*:*:*:x64:*
          cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*
          cpe:2.3:o:microsoft:windows_server_2008:r2:*:*:*:*:*:x64:*
          cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*
          cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:x64:*
          cpe:2.3:o:microsoft:windows_vista:sp2:*:*:*:*:*:*:*
Changed Reference Type
http://blog.vulnhunt.com/index.php/2012/09/17/ie-execcommand-fuction-use-after-free-vulnerability-0day_en/ Exploit
http://blog.vulnhunt.com/index.php/2012/09/17/ie-execcommand-fuction-use-after-free-vulnerability-0day_en/ Broken Link
Changed Reference Type
http://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/windows/browser/ie_execcommand_uaf.rb Exploit
http://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/windows/browser/ie_execcommand_uaf.rb Broken Link
Changed Reference Type
http://eromang.zataz.com/2012/09/16/zero-day-season-is-really-not-over-yet/ Exploit
http://eromang.zataz.com/2012/09/16/zero-day-season-is-really-not-over-yet/ Third Party Advisory
Changed Reference Type
http://technet.microsoft.com/security/advisory/2757760 Vendor Advisory
http://technet.microsoft.com/security/advisory/2757760 Patch, Vendor Advisory
Changed Reference Type
http://www.kb.cert.org/vuls/id/480095 US Government Resource
http://www.kb.cert.org/vuls/id/480095 Third Party Advisory, US Government Resource
Changed Reference Type
http://www.securitytracker.com/id?1027538 No Types Assigned
http://www.securitytracker.com/id?1027538 Third Party Advisory, VDB Entry
Changed Reference Type
http://www.securityweek.com/new-internet-explorer-zero-day-being-exploited-wild No Types Assigned
http://www.securityweek.com/new-internet-explorer-zero-day-being-exploited-wild Third Party Advisory
Changed Reference Type
http://www.us-cert.gov/cas/techalerts/TA12-255A.html US Government Resource
http://www.us-cert.gov/cas/techalerts/TA12-255A.html Third Party Advisory, US Government Resource
Changed Reference Type
http://www.us-cert.gov/cas/techalerts/TA12-262A.html US Government Resource
http://www.us-cert.gov/cas/techalerts/TA12-262A.html Third Party Advisory, US Government Resource
Changed Reference Type
http://www.us-cert.gov/cas/techalerts/TA12-265A.html US Government Resource
http://www.us-cert.gov/cas/techalerts/TA12-265A.html Third Party Advisory, US Government Resource
Changed Reference Type
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15729 No Types Assigned
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15729 Third Party Advisory