Lucene search

K
jvnJapan Vulnerability NotesJVN:27443259
HistorySep 19, 2013 - 12:00 a.m.

JVN#27443259: Internet Explorer vulnerable to arbitrary code execution

2013-09-1900:00:00
Japan Vulnerability Notes
jvn.jp
22

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.964 High

EPSS

Percentile

99.5%

Internet Explorer contains a vulnerability that may allow arbitrary code execution.

According to Microsoft, targeted attacks that attempt to exploit this vulnerability have been confirmed but are limited.

Impact

If a user views a specially crafted web page, an arbitrary code may be executed.

Solution

Apply an update
Apply Cumulative Security Update for Internet Explorer (2879017) according to the information provided by Microsoft.

**Apply a workaround **The following workarounds may mitigate the affects of this vulnerability.

Products Affected

  • Microsoft Internet Explorer 6.0
  • Windows Internet Explorer 7
  • Windows Internet Explorer 8
  • Windows Internet Explorer 9
  • Internet Explorer 10
  • Internet Explorer 11

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.964 High

EPSS

Percentile

99.5%