CVE-2013-3893

Warnung

Exploit

EPSS 85.92%
Veröffentlicht 18.09.2013 10:08:24
Zuletzt bearbeitet 13.08.2025 01:00:01
Quelle secure@microsoft.com
Teams Watchlist Login
Unerledigt Login

Use-after-free vulnerability in the SetMouseCapture implementation in mshtml.dll in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code via crafted JavaScript strings, as demonstrated by use of an ms-help: URL that triggers loading of hxds.dll.

Betroffene Produkte Warnungen 1 Metriken 3 CWE 1 Referenzen 14

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Microsoft ≫ Internet Explorer Version6

Microsoft ≫ Internet Explorer Version7

Microsoft ≫ Internet Explorer Version8

Microsoft ≫ Internet Explorer Version9

Microsoft ≫ Internet Explorer Version10

Microsoft ≫ Internet Explorer Version11 Updatedeveloper-preview

Microsoft ≫ Internet Explorer Version11 Updaterelease-preview

12.08.2025: CISA Known Exploited Vulnerabilities (KEV) Catalog

Microsoft Internet Explorer Resource Management Errors Vulnerability

Schwachstelle

Microsoft Internet Explorer contains a memory corruption vulnerability that allows for remote code execution. The impacted products could be end-of-life (EoL) and/or end-of-service (EoS). Users should discontinue product utilization.

Beschreibung

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Erforderliche Maßnahmen

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	85.92%	0.993

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	9.3	8.6	10	AV:N/AC:M/Au:N/C:C/I:C/A:C
134c704f-9b21-4f2e-91b3-4a467353bcc0	8.8	2.8	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE-416 Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

http://blogs.technet.com/b/srd/archive/2013/09/17/cve-2013-3893-fix-it-workaround-available.aspx

Exploit

http://blogs.technet.com/b/srd/archive/2013/10/08/ms13-080-addresses-two-vulnerabilities-under-limited-targeted-attacks.aspx

http://jvn.jp/en/jp/JVN27443259/index.html

http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-000093.html

http://packetstormsecurity.com/files/162585/Microsoft-Internet-Explorer-8-SetMouseCapture-Use-After-Free.html

http://pastebin.com/raw.php?i=Hx1L5gu6

Exploit

http://technet.microsoft.com/security/advisory/2887505

Vendor Advisory

http://www.securityfocus.com/bid/62453

http://www.us-cert.gov/ncas/alerts/TA13-288A