CVE-2012-4969

ENISA EUVD: EUVD-2012-4893 ↗
Exploited in the Wild ✓ Confirmed 0-Day
Triaged: March 20, 2026 3 articles Published: 2012-09-18
VulnLookup ↗ NVD ↗ EUVD ↗ MITRE ↗ CISA KEV ↗

EPSS Score

Source: FIRST.org · 2026-05-24
91.78%
probability
This CVE has a 91.78% probability of being exploited in the next 30 days.
0% Top 99.7th percentile of all CVEs 100%

CVSS v3.1

Source: VulnerabilityLookup (CIRCL)
8.1
HIGH
Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v2 (legacy)

9.3
HIGH
Access Vector
Network
Access Complexity
Medium
Authentication
None
Confidentiality
Complete
Integrity
Complete
Availability
Complete
AV:N/AC:M/Au:N/C:C/I:C/A:C

Description

VulnerabilityLookup (CNA)
Use-after-free vulnerability in the CMshtmlEd::Exec function in mshtml.dll in Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code via a crafted web site, as exploited in the wild in September 2012.

Affected Products

n/a
n/a

Attack Intelligence

Exploits & PoC

Signal Intelligence

Confidence
85%
EPSS 91.78%
CVSS v3.1 8.1
Mentions 3

CNA Information

CNA Assigner
mitre

Analyst Note

CVE-2012-4969 is a documented Internet Explorer zero-day with active exploitation in the wild confirmed by multiple sources. Microsoft explicitly confirmed zero-day status and deployed out-of-cycle patches, with exploitation documented against real targets (Council on Foreign Relations website). The 2012 publication year and contemporaneous exploitation reports support zero-day classification.

Triage Info

Decided atMar 20, 2026
Published DateSep 18, 2012