exploitDog

CVE-2013-3846

Опубликовано: 29 дек. 2013

Источник: nvd

CVSS2: 9.3

EPSS Средний

Описание

Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted CSpliceTreeEngine::InsertSplice object in an HTML document, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3143 and CVE-2013-3161.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:microsoft:internet_explorer:9:*:*:*:*:*:*:*

cpe:2.3:a:microsoft:internet_explorer:10:*:*:*:*:*:*:*

EPSS

Процентиль: 98%

0.53954

Средний

9.3 Critical

CVSS2

Дефекты

CWE-399

Связанные уязвимости

GHSA-49hr-9mq4-ccxr

github

больше 3 лет назад

Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted CSpliceTreeEngine::InsertSplice object in an HTML document, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3143 and CVE-2013-3161.

EPSS

Процентиль: 98%

0.53954

Средний

9.3 Critical

CVSS2

Дефекты

CWE-399