Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
saintSAINT CorporationSAINT:A17E102EDEAD18E07A5012BE2B787BF6
HistorySep 05, 2013 - 12:00 a.m.

Internet Explorer CFlatMarkupPointer Object Handling Use-after-free Vulnerability

2013-09-0500:00:00
SAINT Corporation
www.saintcorporation.com
12

0.97 High

EPSS

Percentile

99.8%

JSON

Added: 09/05/2013
CVE: CVE-2013-3184
BID: 61668
OSVDB: 96182

Background

Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems.

Problem

A user-after-free vulnerability when handling the **InsertImage** command identifier of **CFlatMarkupPointer** objects in a web page allows arbitrary command execution.

Resolution

Apply the update referenced in Microsoft Security Bulletin 13-059.

References

<http://www.zerodayinitiative.com/advisories/ZDI-13-195/&gt;

Limitations

This exploit was tested against Microsoft Internet Explorer 9 on Windows 7 SP1 (DEP OptIn).

JRE 6 must be installed on Windows 7.

The user must open the exploit file in Microsoft Internet Explorer 9.

Platforms

Windows

Related

saint 3
attackerkb 1
symantec 1
checkpoint_advisories 1
nvd 1
zdi 2
cve 1
zdt 1
packetstorm 1
prion 1
cvelist 1
mskb 1
nessus 1
openvas 2
securityvulns 1
saint
saint
Internet Explorer CFlatMarkupPointer Object Handling Use-after-free Vulnerability
2013-09-05 00:00:00
Internet Explorer CFlatMarkupPointer Object Handling Use-after-free Vulnerability
2013-09-05 00:00:00
Internet Explorer CFlatMarkupPointer Object Handling Use-after-free Vulnerability
2013-09-05 00:00:00
attackerkb
attackerkb
Microsoft Internet Explorer EnsureRecalcNotify Use-After-Free
2013-08-14 00:00:00
symantec
symantec
Microsoft Internet Explorer CVE-2013-3184 Memory Corruption Vulnerability
2013-08-13 00:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Internet Explorer Memory Corruption (MS13-059: CVE-2013-3184)
2013-08-13 00:00:00
nvd
nvd
CVE-2013-3184
2013-08-14 11:10:36
zdi
zdi
Microsoft Internet Explorer CreateMarkupPointer2 Use-After-Free Remote Code Execution Vulnerability
2013-08-13 00:00:00
Microsoft Internet Explorer CFlatMarkupPointer Use-After-Free Remote Code Execution Vulnerability
2013-08-13 00:00:00
cve
cve
CVE-2013-3184
2013-08-14 11:10:36
zdt
zdt
MS13-059 Microsoft Internet Explorer CFlatMarkupPointer Use-After-Free
2013-09-04 00:00:00
packetstorm
packetstorm
MS13-059 Microsoft Internet Explorer CFlatMarkupPointer Use-After-Free
2013-09-04 00:00:00
prion
prion
Memory corruption
2013-08-14 11:10:00
cvelist
cvelist
CVE-2013-3184
2013-08-14 10:00:00
mskb
mskb
MS13-059: Cumulative security update for Internet Explorer: August 13, 2013
2013-08-13 00:00:00
nessus
nessus
MS13-059: Cumulative Security Update for Internet Explorer (2862772)
2013-08-14 00:00:00
openvas
openvas
Microsoft Internet Explorer Multiple Vulnerabilities (2862772)
2013-08-14 00:00:00
Microsoft Internet Explorer Multiple Vulnerabilities (2862772)
2013-08-14 00:00:00
securityvulns
securityvulns
Microsoft Internet Explorer multiple security vulnerabilities
2013-09-09 00:00:00

0.97 High

EPSS

Percentile

99.8%

JSON
Related for SAINT:A17E102EDEAD18E07A5012BE2B787BF6
saint3attackerkb1symantec1checkpoint_advisories1nvd1zdi2cve1zdt1packetstorm1prion1cvelist1mskb1nessus1openvas2securityvulns1