Lucene search

MicrosoftCVE-2012-1872

HistoryJun 12, 2012 - 10:55 p.m.

CVE-2012-1872

2012-06-1222:55:01

CWE-79

microsoft

web.nvd.nist.gov

cve-2012-1872

cross-site scripting

xss

internet explorer

euc-jp encoding

vulnerability

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.6

Confidence

High

EPSS

0.005

Percentile

77.1%

JSON

Cross-site scripting (XSS) vulnerability in Microsoft Internet Explorer 6 through 9 allows remote attackers to inject arbitrary web script or HTML via crafted character sequences with EUC-JP encoding, aka “EUC-JP Character Encoding Vulnerability.”

Affected configurations

Nvd

Node

microsoftinternet_explorerMatch6

AND

microsoftwindows_xpsp3

microsoftwindows_xpMatch-sp2x64

Node

microsoftinternet_explorerMatch7

AND

microsoftwindows_vistasp2

microsoftwindows_vistaMatch-sp2

microsoftwindows_xpsp3

microsoftwindows_xpMatch-sp2x64

Node

microsoftinternet_explorerMatch8

microsoftinternet_explorerMatch9

AND

microsoftwindows_7x64

microsoftwindows_7x86

microsoftwindows_7sp1x64

microsoftwindows_7Match-

microsoftwindows_7Match-sp1x64

microsoftwindows_vistasp2

microsoftwindows_xpsp3

microsoftwindows_xpMatch-sp2x64

VendorProductVersionCPE
microsoftinternet_explorer6cpe:2.3:a:microsoft:internet_explorer:6:*:*:*:*:*:*:*
microsoftwindows_xp*cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*
microsoftwindows_xp-cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:*
microsoftinternet_explorer7cpe:2.3:a:microsoft:internet_explorer:7:*:*:*:*:*:*:*
microsoftwindows_vista*cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*
microsoftwindows_vista-cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*
microsoftinternet_explorer8cpe:2.3:a:microsoft:internet_explorer:8:*:*:*:*:*:*:*
microsoftinternet_explorer9cpe:2.3:a:microsoft:internet_explorer:9:*:*:*:*:*:*:*
microsoftwindows_7*cpe:2.3:o:microsoft:windows_7:*:*:x64:*:*:*:*:*
microsoftwindows_7*cpe:2.3:o:microsoft:windows_7:*:*:x86:*:*:*:*:*

Vendor	Product	Version	CPE
microsoft	internet_explorer	6	cpe:2.3:a:microsoft:internet_explorer:6:::::::*
microsoft	windows_xp	*	cpe:2.3:o:microsoft:windows_xp::sp3::::::*
microsoft	windows_xp	-	cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:::::*
microsoft	internet_explorer	7	cpe:2.3:a:microsoft:internet_explorer:7:::::::*
microsoft	windows_vista	*	cpe:2.3:o:microsoft:windows_vista::sp2::::::*
microsoft	windows_vista	-	cpe:2.3:o:microsoft:windows_vista:-:sp2::::::
microsoft	internet_explorer	8	cpe:2.3:a:microsoft:internet_explorer:8:::::::*
microsoft	internet_explorer	9	cpe:2.3:a:microsoft:internet_explorer:9:::::::*
microsoft	windows_7	*	cpe:2.3:o:microsoft:windows_7:::x64:::::*
microsoft	windows_7	*	cpe:2.3:o:microsoft:windows_7:::x86:::::*