CVE-2012-1876

Name of the Vulnerable Software and Affected Versions Microsoft Internet Explorer versions 6 through 9, and 10 Consumer Preview

Description The issue arises from improper handling of objects in memory, allowing remote attackers to execute arbitrary code by attempting to access a nonexistent object. This leads to a heap-based buffer overflow, potentially corrupting memory in a way that enables an attacker to execute arbitrary code in the context of the current user. The vulnerability was demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2012.

Recommendations For Microsoft Internet Explorer versions 6 through 9, and 10 Consumer Preview, update to a newer version to mitigate the risk. At the moment, there is no information about a newer version that contains a fix for this vulnerability.