Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (C) 2013 Greenbone AGOPENVAS:1361412562310803395
HistoryMay 06, 2013 - 12:00 a.m.

MS Internet Explorer Remote Code Execution Vulnerability (2847140)

2013-05-0600:00:00
Copyright (C) 2013 Greenbone AG
plugins.openvas.org
28

6.3 Medium

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.973 High

EPSS

Percentile

99.9%

JSON

This host is missing a critical security update according to
Microsoft Bulletin MS13-038.

# SPDX-FileCopyrightText: 2013 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.803395");
  script_version("2023-07-27T05:05:08+0000");
  script_xref(name:"CISA", value:"Known Exploited Vulnerability (KEV) catalog");
  script_xref(name:"URL", value:"https://www.cisa.gov/known-exploited-vulnerabilities-catalog");
  script_cve_id("CVE-2013-1347");
  script_tag(name:"cvss_base", value:"9.3");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:C/I:C/A:C");
  script_tag(name:"last_modification", value:"2023-07-27 05:05:08 +0000 (Thu, 27 Jul 2023)");
  script_tag(name:"creation_date", value:"2013-05-06 18:35:10 +0530 (Mon, 06 May 2013)");
  script_name("MS Internet Explorer Remote Code Execution Vulnerability (2847140)");
  script_xref(name:"URL", value:"http://support.microsoft.com/kb/2847140");
  script_xref(name:"URL", value:"http://www.securityfocus.com/bid/59641");
  script_xref(name:"URL", value:"http://www.exploit-db.com/exploits/25294");
  script_xref(name:"URL", value:"https://technet.microsoft.com/en-us/security/bulletin/ms13-038");
  script_category(ACT_GATHER_INFO);
  script_tag(name:"qod_type", value:"executable_version");
  script_copyright("Copyright (C) 2013 Greenbone AG");
  script_family("Windows : Microsoft Bulletins");
  script_dependencies("gb_ms_ie_detect.nasl");
  script_require_ports(139, 445);
  script_mandatory_keys("MS/IE/Version");

  script_tag(name:"impact", value:"Successful exploitation will allow remote attackers to execute arbitrary code
  and failed attacks will cause denial of service conditions.");

  script_tag(name:"affected", value:"Microsoft Internet Explorer version 8.x and 9.x.");

  script_tag(name:"insight", value:"use-after-free error when handling 'CGenericElement'");

  script_tag(name:"solution", value:"The vendor has released updates. Please see the references for more information.");

  script_tag(name:"solution_type", value:"VendorFix");

  script_tag(name:"summary", value:"This host is missing a critical security update according to
  Microsoft Bulletin MS13-038.");

  exit(0);
}

include("smb_nt.inc");
include("secpod_reg.inc");
include("version_func.inc");
include("secpod_smb_func.inc");

if(hotfix_check_sp(xp:4, win2003:3, winVista:3, win7:2, win2008:3) <= 0){
  exit(0);
}

ieVer = get_kb_item("MS/IE/Version");
if(!ieVer || ieVer !~ "^[89]\."){
  exit(0);
}

sysPath = smb_get_systemroot();
if(!sysPath ){
  exit(0);
}

dllVer = fetch_file_version(sysPath:sysPath, file_name:"system32\Mshtml.dll");
if(!dllVer){
  exit(0);
}

if(hotfix_check_sp(xp:4, win2003:3) > 0)
{
  if(version_in_range(version:dllVer, test_version:"8.0.6001.18000", test_version2:"8.0.6001.23486")){
    security_message( port: 0, data: "The target host was found to be vulnerable" );
  }
  exit(0);
}

else if(hotfix_check_sp(winVista:3, win2008:3) > 0)
{
  if(version_in_range(version:dllVer, test_version:"8.0.6001.18000", test_version2:"8.0.6001.19420")||
     version_in_range(version:dllVer, test_version:"8.0.6001.20000", test_version2:"8.0.6001.23486")||
     version_in_range(version:dllVer, test_version:"9.0.8112.16000", test_version2:"9.0.8112.16483")||
     version_in_range(version:dllVer, test_version:"9.0.8112.20000", test_version2:"9.0.8112.20593")){
    security_message( port: 0, data: "The target host was found to be vulnerable" );
  }
  exit(0);
}

else if(hotfix_check_sp(win7:2) > 0)
{
  if(version_in_range(version:dllVer, test_version:"8.0.7601.16000", test_version2:"8.0.7601.18128")||
     version_in_range(version:dllVer, test_version:"8.0.7601.21000", test_version2:"8.0.7601.22298")||
     version_in_range(version:dllVer, test_version:"9.0.8112.16000", test_version2:"9.0.8112.16483")||
     version_in_range(version:dllVer, test_version:"9.0.8112.20000", test_version2:"9.0.8112.20593")){
    security_message( port: 0, data: "The target host was found to be vulnerable" );
  }
  exit(0);
}

Related

symantec 5
saint 4
threatpost 6
cert 1
packetstorm 1
zdt 1
nessus 2
seebug 2
cve 1
attackerkb 2
openvas 1
prion 1
cisa_kev 1
checkpoint_advisories 2
securityvulns 1
symantec
symantec
Microsoft Internet Explorer CVE-2013-1347 Use-After-Free Remote Code Execution Vulnerability
2013-05-03 00:00:00
Adobe Acrobat and Reader CVE-2010-0188 Remote Code Execution Vulnerability
2010-02-11 00:00:00
Oracle Java Runtime Environment CVE-2013-2423 Security Bypass Vulnerability
2013-04-16 00:00:00
saint
saint
Internet Explorer CGenericElement Object Use-after-free Vulnerability
2013-05-08 00:00:00
Internet Explorer CGenericElement Object Use-after-free Vulnerability
2013-05-08 00:00:00
Internet Explorer CGenericElement Object Use-after-free Vulnerability
2013-05-08 00:00:00
threatpost
threatpost
USAID a Target of DoL Watering Hole Attackers
2013-05-13 10:52:56
Microsoft Patches IE Zero Day Used In Watering Hole Attack
2013-05-14 16:14:18
IE 8 Zero Day Widens Scope of DoL Watering Hole Attack
2013-05-06 11:14:47
cert
cert
Microsoft Internet Explorer 8 CGenericElement object use-after-free vulnerability
2013-05-06 00:00:00
packetstorm
packetstorm
Microsoft Internet Explorer CGenericElement Object Use-After-Free
2013-05-07 00:00:00
zdt
zdt
Microsoft Internet Explorer CGenericElement Object Use-After-Free
2013-05-07 00:00:00
nessus
nessus
MS KB2847140: Vulnerability in Internet Explorer 8 Could Allow Remote Code Execution (deprecated)
2013-05-09 00:00:00
MS13-038: Security Update for Internet Explorer (2847204)
2013-05-15 00:00:00
seebug
seebug
Microsoft IE 8θΏœη¨‹δ»£η ζ‰§θ‘ŒζΌζ΄ž(CVE-2013-1347)
2013-05-07 00:00:00
Microsoft Internet Explorer ι‡Šζ”ΎεŽι‡η”¨θΏœη¨‹δ»£η ζ‰§θ‘ŒζΌζ΄ž(CVE-2013-1347)(MS13-038)
2013-05-17 00:00:00
cve
cve
CVE-2013-1347
2013-05-05 11:07:00
attackerkb
attackerkb
Microsoft Internet Explorer CGenericElement Use-After-Free
2013-05-05 00:00:00
Microsoft Internet Explorer SetMouseCapture Use-After-Free
2020-10-14 00:00:00
openvas
openvas
MS Internet Explorer Remote Code Execution Vulnerability (2847140)
2013-05-06 00:00:00
prion
prion
Code injection
2013-05-05 11:07:00
cisa_kev
cisa_kev
Microsoft Internet Explorer Remote Code Execution Vulnerability
2022-03-03 00:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Internet Explorer 8 Use After Free Code Execution - Zero Day (CVE-2013-1347)
2013-05-05 00:00:00
Infinity Exploit Kit Landing Page (CVE-2013-1347; CVE-2013-2423; CVE-2013-2465; CVE-2014-0322; CVE-2014-0502; CVE-2014-1776)
2014-06-10 00:00:00
securityvulns
securityvulns
Microsoft Internet Explorer multiple security vulnerabilities
2013-05-27 00:00:00

6.3 Medium

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.973 High

EPSS

Percentile

99.9%

JSON
Related for OPENVAS:1361412562310803395
symantec5saint4threatpost6cert1packetstorm1zdt1nessus2seebug2cve1attackerkb2openvas1prion1cisa_kev1checkpoint_advisories2securityvulns1