Lucene search

[email protected]CVE-2013-0026

HistoryFeb 13, 2013 - 12:04 p.m.

CVE-2013-0026

2013-02-1312:04:12

CWE-399

[email protected]

web.nvd.nist.gov

internet explorer

vulnerability

remote code execution

cve-2013-0026

nvd

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.4 High

AI Score

Confidence

Low

0.834 High

EPSS

Percentile

98.5%

JSON

Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka “Internet Explorer InsertElement Use After Free Vulnerability.”

Affected configurations

NVD

Node

microsoftinternet_explorerMatch9

AND

microsoftwindows_7x64

microsoftwindows_7x86

microsoftwindows_7sp1x64

microsoftwindows_7sp1x86

microsoftwindows_server_2008r2x64

microsoftwindows_server_2008sp2x64

microsoftwindows_server_2008sp2x86

microsoftwindows_vistasp2

CPENameOperatorVersion
microsoft:internet_explorermicrosoft internet explorereq9

CPE	Name	Operator	Version
microsoft:internet_explorer	microsoft internet explorer	eq	9

References

www.us-cert.gov/cas/techalerts/TA13-043B.html

docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-009

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16472

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.4 High

AI Score

Confidence

Low

0.834 High

EPSS

Percentile

98.5%

JSON

Related for CVE-2013-0026

prion1 seebug1 nvd1 checkpoint_advisories1 cvelist1 mskb1 openvas2 nessus1 securityvulns1