6 matches found
Microsoft Internet Explorer MSHTML CDispNode::InsertSiblingNode Use-After-Free
Since November I have been releasing details on all vulnerabilities I found that I have not released before. This is the twenty-seventh entry in the series. This information is available in more detail on my blog at http://blog.skylined.nl/20161207001.html. There you can find a repro that trigger...
CVE-2013-1309
creationtimestamp| type| source ---|---|--- 2016-12-09 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/40893 2025-08-31 03:01:18+00:00| seen| MISP/ab0b745f-bbd5-338e-8b92-97dd0c757e9d 2025-08-31 03:12:53+00:00| seen| MISP/d17bd6ef-d68b-317b-ac33-cdbc44c5fc57...
Internet Explorer CDispNode Use-after-free (MS13-037; CVE-2013-1309)
A Code Execution vulnerability exists in Internet Explorer. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user. When Internet Explorer attempts to access an object in memory that has been deleted, it may corrupt memory in such a way th...
CVE-2013-1309
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability," a different vulnerability than CVE-2013-1308 and...
Design/Logic Flaw
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability," a different vulnerability than CVE-2013-1309 and...
CVE-2013-1309
CVE-2013-1309 corresponds to the Internet Explorer Use-After-Free vulnerability (MS13-037) affecting IE 6–10. The issue arises from use-after-free in memory handling (notably related to CDispNode/vgx.dll) when processing certain web content, enabling remote code execution via a crafted site. Publ...