CVE-2012-4775

Vulnerability

A use-after-free vulnerability exists in Microsoft Internet Explorer 9, specifically in the CTreeNode object. The flaw occurs when Internet Explorer improperly handles objects in memory, leading to memory corruption. An attacker can exploit this by hosting a specially crafted webpage that triggers the use-after-free condition. The vulnerability affects Internet Explorer 9 on all supported Windows clients and servers, as detailed in Microsoft Security Bulletin MS12-071 [1].

Exploitation

Exploitation requires no authentication and only user interaction—the victim must visit a malicious website using Internet Explorer 9. The attacker does not need any special network position beyond hosting the crafted page. Once the user accesses the page, the browser triggers the use-after-free, allowing the attacker to execute arbitrary code in the context of the current user [1][2].

Impact

Successful exploitation grants the attacker the same user rights as the logged-on user. If the user has administrative privileges, the attacker can gain full control of the system, including the ability to install programs, view/change/delete data, or create new accounts with full rights. The impact is remote code execution with high confidentiality, integrity, and availability impact [1][2].

Mitigation

Microsoft released security update MS12-071 (KB2761451) on November 13, 2012, which addresses this vulnerability by correcting how Internet Explorer handles objects in memory. Customers with automatic updating enabled are protected automatically. For those without, the update should be applied manually via Microsoft Update or enterprise management tools. No workarounds are documented, and the vulnerability is not listed on the CISA Known Exploited Vulnerabilities (KEV) catalog [1][2].