First published: Tue Jun 12 2012(Updated: )
Cross-site scripting (XSS) vulnerability in Microsoft Internet Explorer 6 through 9 allows remote attackers to inject arbitrary web script or HTML via crafted character sequences with EUC-JP encoding, aka "EUC-JP Character Encoding Vulnerability."
Credit: secure@microsoft.com
Affected Software | Affected Version | How to fix |
---|---|---|
All of | ||
Internet Explorer | =6 | |
Any of | ||
Microsoft Windows XP | =sp3 | |
Microsoft Windows XP | =sp2 | |
All of | ||
Internet Explorer | =7 | |
Any of | ||
Microsoft Windows Vista | =sp2 | |
Microsoft Windows Vista | =sp2 | |
Microsoft Windows XP | =sp3 | |
Microsoft Windows XP | =sp2 | |
All of | ||
Any of | ||
Internet Explorer | =8 | |
Internet Explorer | =9 | |
Any of | ||
Microsoft Windows 7 | ||
Microsoft Windows 7 | ||
Microsoft Windows 7 | =sp1 | |
Microsoft Windows 7 | ||
Microsoft Windows 7 | =sp1 | |
Microsoft Windows Vista | =sp2 | |
Microsoft Windows XP | =sp3 | |
Microsoft Windows XP | =sp2 | |
Internet Explorer | =6 | |
Microsoft Windows XP | =sp3 | |
Microsoft Windows XP | =sp2 | |
Internet Explorer | =7 | |
Microsoft Windows Vista | =sp2 | |
Microsoft Windows Vista | =sp2 | |
Microsoft Windows Vista | =sp2 | |
Internet Explorer | =8 | |
Internet Explorer | =9 | |
Microsoft Windows 7 | ||
Microsoft Windows 7 | ||
Microsoft Windows 7 | =sp1 | |
Microsoft Windows 7 | ||
Microsoft Windows 7 | =sp1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2012-1872 is classified as a Critical vulnerability, posing serious security risks to affected systems.
To remediate CVE-2012-1872, ensure that you apply the latest security updates and patches provided by Microsoft for Internet Explorer versions 6 to 9.
CVE-2012-1872 affects Microsoft Internet Explorer versions 6, 7, 8, and 9.
Yes, CVE-2012-1872 affects Windows XP and Vista when used with the vulnerable versions of Internet Explorer.
CVE-2012-1872 can be exploited through cross-site scripting (XSS) attacks, allowing attackers to inject arbitrary scripts into targeted web pages.