Lucene search
AnonymousZDI-13-146HistoryJun 27, 2013 - 12:00 a.m.
Microsoft Internet Explorer CTreeNode Use-After-Free Remote Code Execution Vulnerability
2013-06-2700:00:00
Anonymous
www.zerodayinitiative.com
13
0.807 High
EPSS
Percentile
98.3%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of CTreeNode objects. Specifically crafted DOM manipulations can be used to cause a use-after-free condition on the CTreeNode object. An attacker may be able to leverage this situation to execute code under the context of the user running the browser.
Related
symantec
symantec
Microsoft Internet Explorer CVE-2013-3141 Memory Corruption Vulnerability
2013-06-11 00:00:00
cvelist
cvelist
CVE-2013-3110
2013-06-12 01:00:00
CVE-2013-3141
2013-06-12 01:00:00
nvd
nvd
CVE-2013-3141
2013-06-12 03:30:15
CVE-2013-3110
2013-06-12 03:29:59
prion
prion
Memory corruption
2013-06-12 03:30:00
Memory corruption
2013-06-12 03:29:00
cve
cve
CVE-2013-3110
2013-06-12 03:29:59
CVE-2013-3141
2013-06-12 03:30:15
nessus
nessus
MS13-047: Cumulative Security Update for Internet Explorer (2838727)
2013-06-11 00:00:00
mskb
mskb
MS13-047: Cumulative security update for Internet Explorer: June 11, 2013
2013-06-11 00:00:00
openvas
openvas
Microsoft Internet Explorer Multiple Vulnerabilities (2838727)
2013-06-12 00:00:00
Microsoft Internet Explorer Multiple Vulnerabilities (2838727)
2013-06-12 00:00:00
securityvulns
securityvulns
Microsoft Internet Explorer multiple security vulnerabilities
2013-06-12 00:00:00