vendor:
Internet Explorer
by:
Unknown, EMH, juan vazquez, sinn3r
N/A
CVSS
N/A
Use-After-Free
416
CWE
Product Name: Internet Explorer
Affected Version From: IE 8
Affected Version To: IE 8
Patch Exists: YES
Related CWE: CVE-2013-1347
CPE: a:microsoft:internet_explorer:8.0
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: Windows XP SP3
2013
Microsoft Internet Explorer CGenericElement Object Use-After-Free Vulnerability
This module exploits a vulnerability found in Microsoft Internet Explorer. A use-after-free condition occurs when a CGenericElement object is freed, but a reference is kept on the Document and used again during rendering, an invalid memory that's controllable is used, and allows arbitrary code execution under the context of the user.
Mitigation:
Please refer to Microsoft Security Advisory 2847140 for more information and mitigation details.
