Lucene search
Jose A. Vazquez of Yenteasy - Security Research -ZDI-13-216HistorySep 11, 2013 - 12:00 a.m.
Microsoft Internet Explorer CTreePos Type Confusion Remote Code Execution Vulnerability
2013-09-1100:00:00
Jose A. Vazquez of Yenteasy - Security Research -
www.zerodayinitiative.com
9
0.843 High
EPSS
Percentile
98.5%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of CTreePos objects. The issue lies in the usage of the SelectAll execCommand. An attacker can leverage this situation to execute code under the context of the user running the browser.
Related
prion
prion
Memory corruption
2013-09-11 14:03:00
nvd
nvd
CVE-2013-3202
2013-09-11 14:03:48
cve
cve
CVE-2013-3202
2013-09-11 14:03:48
symantec
symantec
Microsoft Internet Explorer CVE-2013-3202 Memory Corruption Vulnerability
2013-09-10 00:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Internet Explorer Memory Corruption (MS13-069: CVE-2013-3202)
2013-09-10 00:00:00
cvelist
cvelist
CVE-2013-3202
2013-09-11 10:00:00
openvas
openvas
mskb
mskb
securityvulns
securityvulns
Microsoft Internet Explorer multiple security vulnerabilities
2013-09-11 00:00:00
nessus
nessus
MS13-069: Cumulative Security Update for Internet Explorer (2870699)
2013-09-11 00:00:00