6 matches found
Internet Explorer 8 Exploit Found in Watering Hole Campaign Targeting Chinese Dissidents
On March 16th, we discovered a premeditated waterhole campaign that hosts exploits and malware on websites frequented by a specific target group. In this case the target includes Chinese dissidents. For the attacker, this approach is highly attractive since it is very difficult to discover the...
Microsoft Internet Explorer Multiple Use After Free Vulnerabilities (2809289)
This host is missing a critical security update according to Microsoft Bulletin MS13-021. OpenVAS Vulnerability Test $Id: secpodms13-021.nasl 6115 2017-05-12 09:03:25Z teissa $ Microsoft Internet Explorer Multiple Use After Free Vulnerabilities 2809289 Authors: Thanga Prakash S Copyright: Copyrig...
CVE-2013-1288
CVE-2013-1288 is a use-after-free vulnerability in Microsoft Internet Explorer 8 (CTreeNode) that enables remote code execution via a crafted webpage. The NVD entry lists a high impact (CVSS v2 base 9.3) with network access, no user interaction, and complete confidentiality/integrity/availability...
Microsoft Internet Explorer CVE-2013-1288 Use-After-Free Remote Code Execution Vulnerability
Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...
Internet Explorer CTreeNode Use After Free Remote Code Execution (MS13-021; CVE-2013-1288)
A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer accesses an object in memory that has been deleted. A remote attacker can exploit this issue by enticing a target victim to open a specially...
MS13-021: Security Update for Internet Explorer (2809289)
The remote host is missing Internet Explorer IE Security Update 2809289. The installed version of IE is affected by multiple vulnerabilities that could allow an attacker to execute arbitrary code on the remote host. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid6521...