Check Point Reference: | CPAI-2012-053 |
Date Published: | 14 Feb 2012 |
Severity: | Critical |
Last Updated: | Monday 25 November, 2024 |
Source: | CVE-2012-0011 |
Protection Provided by: |
Security Gateway |
Who is Vulnerable? | Internet Explorer 7 Internet Explorer 8 Internet Explorer 9 |
Vulnerability Description | A remote code execution vulnerability has been reported in Internet Explorer. |
Update/Patch Avaliable | Apply patches from: MS12-010 |
Vulnerability Details | The vulnerability is due to an error in the way Internet Explorer accesses an object that has been deleted. A remote attacker may exploit this issue by enticing a target user to open a specially crafted web-page with an affected version of Internet Explorer. Successful exploitation could allow an attacker to gain the same user rights as a logged-on user. |
This protection will detect and block attempts to open a specially crafted web-page.
In order for the protection to be activated, update your Security Gateway product to the latest IPS update. For information on how to update IPS, go to SBP-2006-05, Protection tab and select the version of your choice.
SmartView Tracker will log the following entries:
Attack Name: Web Client Enforcement Violation
Attack Information: Internet Explorer HtmlLayout remote code execution (MS12-010)