CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
EPSS
Percentile
99.8%
Added: 09/05/2013
CVE: CVE-2013-3184
BID: 61668
OSVDB: 96182
Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems.
A user-after-free vulnerability when handling the **InsertImage**
command identifier of **CFlatMarkupPointer**
objects in a web page allows arbitrary command execution.
Apply the update referenced in Microsoft Security Bulletin 13-059.
<http://www.zerodayinitiative.com/advisories/ZDI-13-195/>
This exploit was tested against Microsoft Internet Explorer 9 on Windows 7 SP1 (DEP OptIn).
JRE 6 must be installed on Windows 7.
The user must open the exploit file in Microsoft Internet Explorer 9.
Windows