Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
zdiPeter 'corelanc0d3r' Van Eeckhoutte - Corelan - www.corelangcv.comZDI-13-194
HistoryAug 13, 2013 - 12:00 a.m.

Microsoft Internet Explorer CreateMarkupPointer2 Use-After-Free Remote Code Execution Vulnerability

2013-08-1300:00:00
Peter 'corelanc0d3r' Van Eeckhoutte - Corelan - www.corelangcv.com
www.zerodayinitiative.com
11

0.97 High

EPSS

Percentile

99.8%

JSON

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the usage of an object created by CreateMarkupPointer2. The process can be forced to reuse a dangling pointer of the object resulting in a use-after-free condition. An attacker can leverage this situation to execute code under the context of the user running the browser.

Related

checkpoint_advisories 1
nvd 1
symantec 1
saint 4
attackerkb 1
zdt 1
packetstorm 1
cvelist 1
cve 1
zdi 1
prion 1
mskb 1
securityvulns 1
openvas 2
nessus 1
checkpoint_advisories
checkpoint_advisories
Microsoft Internet Explorer Memory Corruption (MS13-059: CVE-2013-3184)
2013-08-13 00:00:00
nvd
nvd
CVE-2013-3184
2013-08-14 11:10:36
symantec
symantec
Microsoft Internet Explorer CVE-2013-3184 Memory Corruption Vulnerability
2013-08-13 00:00:00
saint
saint
Internet Explorer CFlatMarkupPointer Object Handling Use-after-free Vulnerability
2013-09-05 00:00:00
Internet Explorer CFlatMarkupPointer Object Handling Use-after-free Vulnerability
2013-09-05 00:00:00
Internet Explorer CFlatMarkupPointer Object Handling Use-after-free Vulnerability
2013-09-05 00:00:00
attackerkb
attackerkb
Microsoft Internet Explorer EnsureRecalcNotify Use-After-Free
2013-08-14 00:00:00
zdt
zdt
MS13-059 Microsoft Internet Explorer CFlatMarkupPointer Use-After-Free
2013-09-04 00:00:00
packetstorm
packetstorm
MS13-059 Microsoft Internet Explorer CFlatMarkupPointer Use-After-Free
2013-09-04 00:00:00
cvelist
cvelist
CVE-2013-3184
2013-08-14 10:00:00
cve
cve
CVE-2013-3184
2013-08-14 11:10:36
zdi
zdi
Microsoft Internet Explorer CFlatMarkupPointer Use-After-Free Remote Code Execution Vulnerability
2013-08-13 00:00:00
prion
prion
Memory corruption
2013-08-14 11:10:00
mskb
mskb
MS13-059: Cumulative security update for Internet Explorer: August 13, 2013
2013-08-13 00:00:00
securityvulns
securityvulns
Microsoft Internet Explorer multiple security vulnerabilities
2013-09-09 00:00:00
openvas
openvas
Microsoft Internet Explorer Multiple Vulnerabilities (2862772)
2013-08-14 00:00:00
Microsoft Internet Explorer Multiple Vulnerabilities (2862772)
2013-08-14 00:00:00
nessus
nessus
MS13-059: Cumulative Security Update for Internet Explorer (2862772)
2013-08-14 00:00:00

0.97 High

EPSS

Percentile

99.8%

JSON
Related for ZDI-13-194
checkpoint_advisories1nvd1symantec1saint4attackerkb1zdt1packetstorm1cvelist1cve1zdi1prion1mskb1securityvulns1openvas2nessus1