Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
zdiAnonymousZDI-13-138
HistoryJun 27, 2013 - 12:00 a.m.

Microsoft Internet Explorer runtimeStyle Use-After-Free Remote Code Execution Vulnerability

2013-06-2700:00:00
Anonymous
www.zerodayinitiative.com
17

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.807 High

EPSS

Percentile

98.3%

JSON

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the runtimeStyle processing. After one of its properties are affected, an element can be removed resulting in a use-after-free condition. An attacker can leverage this situation to execute code under the context of the user running the browser.

Related

symantec 1
checkpoint_advisories 1
prion 5
cvelist 5
cve 5
nessus 1
mskb 1
openvas 2
securityvulns 1
symantec
symantec
Microsoft Internet Explorer CVE-2013-3121 Use After Free Memory Corruption Vulnerability
2013-06-11 00:00:00
checkpoint_advisories
checkpoint_advisories
Internet Explorer Text Element Use After Free (MS13-047; CVE-2013-3121)
2013-06-11 00:00:00
prion
prion
Memory corruption
2013-06-12 03:30:00
Memory corruption
2013-06-12 03:29:00
Memory corruption
2013-06-12 03:30:00
cvelist
cvelist
CVE-2013-3121
2013-06-12 01:00:00
CVE-2013-3142
2013-06-12 01:00:00
CVE-2013-3112
2013-06-12 01:00:00
cve
cve
CVE-2013-3139
2013-06-12 03:30:00
CVE-2013-3142
2013-06-12 03:30:00
CVE-2013-3113
2013-06-12 03:29:00
nessus
nessus
MS13-047: Cumulative Security Update for Internet Explorer (2838727)
2013-06-11 00:00:00
mskb
mskb
MS13-047: Cumulative security update for Internet Explorer: June 11, 2013
2013-06-11 00:00:00
openvas
openvas
Microsoft Internet Explorer Multiple Vulnerabilities (2838727)
2013-06-12 00:00:00
Microsoft Internet Explorer Multiple Vulnerabilities (2838727)
2013-06-12 00:00:00
securityvulns
securityvulns
Microsoft Internet Explorer multiple security vulnerabilities
2013-06-12 00:00:00

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.807 High

EPSS

Percentile

98.3%

JSON
Related for ZDI-13-138
symantec1checkpoint_advisories1prion5cvelist5cve5nessus1mskb1openvas2securityvulns1