CVE-2012-0012 in Internet Explorer
Сводка
по MITRE
Microsoft Internet Explorer 9 does not properly handle the creation and initialization of string objects, which allows remote attackers to read data from arbitrary process-memory locations via a crafted web site, aka "Null Byte Information Disclosure Vulnerability."
If you want to get best quality of vulnerability data, you may have to visit VulDB.