CVE-2012-1545

Name of the Vulnerable Software and Affected Versions Microsoft Internet Explorer versions 6 through 9, and 10 Consumer Preview

Description The issue allows remote attackers to bypass Protected Mode or cause a denial of service due to memory corruption. This can be achieved by leveraging access to a Low integrity process. The vulnerability was demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2012.

Recommendations For Microsoft Internet Explorer versions 6 through 9, and 10 Consumer Preview, consider applying configuration changes to restrict access to Low integrity processes as a temporary mitigation measure. At the moment, there is no information about a newer version that contains a fix for this vulnerability.