Check Point Reference:CPAI-2012-053
Date Published: 14 Feb 2012
Severity: Critical
Last Updated:
Source: CVE-2012-0011
Protection Provided by:

Security Gateway
R70

  • R71
  • R75

  • Who is Vulnerable? Internet Explorer 7
    Internet Explorer 8
    Internet Explorer 9
    Vulnerability Description A remote code execution vulnerability has been reported in Internet Explorer.
    Update/Patch AvaliableApply patches from: MS12-010
    Vulnerability DetailsThe vulnerability is due to an error in the way Internet Explorer accesses an object that has been deleted. A remote attacker may exploit this issue by enticing a target user to open a specially crafted web-page with an affected version of Internet Explorer. Successful exploitation could allow an attacker to gain the same user rights as a logged-on user.

    Protection Overview

    This protection will detect and block attempts to open a specially crafted web-page.

    In order for the protection to be activated, update your Security Gateway product to the latest IPS update. For information on how to update IPS, go to SBP-2006-05, Protection tab and select the version of your choice.

    1. In the IPS tab, click Protections and find the Internet Explorer HtmlLayout Remote Code Execution (MS12-010) protection using the Search tool and Edit the protection's settings.
    2. Install policy on all modules.

    SmartView Tracker will log the following entries:
    Attack Name: Web Client Enforcement Violation
    Attack Information: Internet Explorer HtmlLayout remote code execution (MS12-010)