Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
saintSAINT CorporationSAINT:1F0643789B8B889404FDB49E2A213F9C
HistoryOct 03, 2013 - 12:00 a.m.

Internet Explorer CCaret UpdateScreenCaret Memory Corruption

2013-10-0300:00:00
SAINT Corporation
download.saintcorporation.com
16

0.97 High

EPSS

Percentile

99.8%

JSON

Added: 10/03/2013
CVE: CVE-2013-3205
BID: 62208
OSVDB: 97094

Background

Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems.

Problem

Microsoft Internet Explorer contains a use-after-free error that is triggered when handling a **CCaret** object. The vulnerability exists in the **UpdateScreenCaret()** function in **mshtml.dll**. An attacker who convinces a user to open a specially crafted page in the vulnerable version of Internet Explorer could execute arbitrary code in the context of the user.

Resolution

Apply the KB2870699 update for Internet Explorer.

References

<http://www.zerodayinitiative.com/advisories/ZDI-13-217/&gt;

Limitations

The user must open the exploit in Internet Explorer 8.

JRE 6 must be installed on Windows 7.

Platforms

Windows

Related

zdt 1
symantec 1
cvelist 1
cve 1
packetstorm 1
prion 1
saint 3
checkpoint_advisories 1
nvd 1
zdi 1
attackerkb 1
openvas 1
mskb 1
securityvulns 1
nessus 1
zdt
zdt
MS13-069 Microsoft Internet Explorer CCaret Use-After-Free
2013-09-21 00:00:00
symantec
symantec
Microsoft Internet Explorer CVE-2013-3205 Memory Corruption Vulnerability
2013-09-10 00:00:00
cvelist
cvelist
CVE-2013-3205
2013-09-11 10:00:00
cve
cve
CVE-2013-3205
2013-09-11 14:03:48
packetstorm
packetstorm
MS13-069 Microsoft Internet Explorer CCaret Use-After-Free
2013-09-20 00:00:00
prion
prion
Memory corruption
2013-09-11 14:03:00
saint
saint
Internet Explorer CCaret UpdateScreenCaret Memory Corruption
2013-10-03 00:00:00
Internet Explorer CCaret UpdateScreenCaret Memory Corruption
2013-10-03 00:00:00
Internet Explorer CCaret UpdateScreenCaret Memory Corruption
2013-10-03 00:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Internet Explorer Memory Corruption (MS13-069: CVE-2013-3205)
2013-09-10 00:00:00
nvd
nvd
CVE-2013-3205
2013-09-11 14:03:48
zdi
zdi
Microsoft Internet Explorer CCaret Use-After-Free Remote Code Execution Vulnerability
2013-09-11 00:00:00
attackerkb
attackerkb
Microsoft Internet Explorer CCaret Use-After-Free
2013-09-11 00:00:00
openvas
openvas
Microsoft Internet Explorer Multiple Memory Corruption Vulnerabilities (2870699)
2013-09-11 00:00:00
mskb
mskb
MS13-069: Cumulative security update for Internet Explorer: September 10, 2013
2013-09-10 00:00:00
securityvulns
securityvulns
Microsoft Internet Explorer multiple security vulnerabilities
2013-09-11 00:00:00
nessus
nessus
MS13-069: Cumulative Security Update for Internet Explorer (2870699)
2013-09-11 00:00:00

0.97 High

EPSS

Percentile

99.8%

JSON
Related for SAINT:1F0643789B8B889404FDB49E2A213F9C
zdt1symantec1cvelist1cve1packetstorm1prion1saint3checkpoint_advisories1nvd1zdi1attackerkb1openvas1mskb1securityvulns1nessus1