MS12-063: Cumulative Security Update for Internet Explorer (2744842)

This script is Copyright (C) 2012-2015 Tenable Network Security, Inc.


Synopsis :

The remote host is affected by code execution vulnerabilities.

Description :

The remote host is missing Internet Explorer (IE) Security Update
2744842.

The installed version of IE is affected by vulnerabilities that could
allow an attacker to execute arbitrary code on the remote host.

See also :

https://technet.microsoft.com/library/security/ms12-063
https://technet.microsoft.com/library/security/2757760
http://www.zerodayinitiative.com/advisories/ZDI-12-200
http://www.zerodayinitiative.com/advisories/ZDI-12-199
http://www.zerodayinitiative.com/advisories/ZDI-12-198
http://www.zerodayinitiative.com/advisories/ZDI-13-007
http://www.securityfocus.com/archive/1/524504/30/0/threaded
http://www.securityfocus.com/archive/1/524505/30/0/threaded

Solution :

Microsoft has released a set of patches for XP, 2003, Vista, 2008, 7,
and 2008 R2.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 7.7
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true

Family: Windows : Microsoft Bulletins

Nessus Plugin ID: 62223 ()

Bugtraq ID: 55562
55641
55645
55646
55647

CVE ID: CVE-2012-1529
CVE-2012-2546
CVE-2012-2548
CVE-2012-2557
CVE-2012-4969