Immunity, Inc.
Name ms12_037
CVE CVE-2012-1876
Exploit Pack CANVAS
DescriptionMS12-037 Microsoft Internet Explorer Fixed Table Col Span Heap Overflow
NotesCVE Name: CVE-2012-1876
VENDOR: Microsoft
Notes:
Some information regarding this exploit:
- It uses an information leak so does not depend of third party software.
- It works with js_recon
- It only works if the template is set as the exploit itself

Tested on:
* Windows XP Professional SP3 English with Internet Explorer 8
* Windows 7 English / Internet Explorer 8.

Tested on the following mshtml.dll versions:
* v80760016625 - unpatched install
* v80760117514 - some patchs
* v90811216447 - all patchs except for ms12-037 patch

**Important** Do not use a template other than the exploit itself!

VersionsAffected: Internet Explorer 6/7/8/9
Repeatability:
MSADV: MS12-037
References: http://technet.microsoft.com/en-us/security/bulletin/ms12-037
CVE Url: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-1876
Date public: 06/12/2012
CVSS: 9.5

Learn more about the CANVAS Exploit Pack here: CANVAS