Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to an object that (1) was not properly initialized or (2) is deleted, aka "Improper Ref Counting Use After Free Vulnerability."
2012-12-12T00:55:01.387
2025-04-11T00:51:21.963
Deferred
CVSSv3.1: 9.0 (CRITICAL)
AV:N/AC:M/Au:N/C:C/I:C/A:C
8.6
10.0
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | microsoft | internet_explorer | 9 | Yes |
| Operating System | microsoft | windows_7 | * | No |
| Operating System | microsoft | windows_7 | * | No |
| Operating System | microsoft | windows_7 | * | No |
| Operating System | microsoft | windows_7 | * | No |
| Operating System | microsoft | windows_server_2008 | * | No |
| Operating System | microsoft | windows_server_2008 | * | No |
| Operating System | microsoft | windows_server_2008 | * | No |
| Operating System | microsoft | windows_vista | * | No |
| Application | microsoft | internet_explorer | 10 | Yes |
| Operating System | microsoft | windows_8 | - | No |
| Operating System | microsoft | windows_8 | - | No |
| Operating System | microsoft | windows_rt | - | No |
| Operating System | microsoft | windows_server_2012 | - | No |