EXPLOITDB-EDB-21840

EXPLOITDB ruby VERIFIED WORKING POC

Exploit for CVE-2012-4969 - Microsoft Internet Explorer <10 - RCE

AI Analysis

This Metasploit module exploits a use-after-free vulnerability in Microsoft Internet Explorer (CVE-2012-4969) by manipulating the CMshtmlEd object, leading to remote code execution. It includes ROP chains for various targets and uses heap spraying techniques to achieve reliable exploitation.

Attack Type

RCE

Complexity

complex

Reliability

reliable

MITRE ATT&CK

T1189 - Drive-by Compromise T1059 - Command and Scripting Interpreter T1203 - Exploitation for Client Execution

Loading exploit code...

Download ZIP Password: eip

Source

Platform Exploitdb

Type remote

Platform windows

Language ruby

Files 1

https://www.exploit-db.com/exploits/21840

Authors

Metasploit sinn3r juan vazquez eromang binjo Unknown

Vulnerability

CVE-2012-4969

Microsoft Internet Explorer <10 - RCE

HIGH KEV

CVSS 8.1