Computer Security
[EN] securityvulns.ru
no-pyccku



CVECVE-2013-3893
StatusCandidate
DescriptionUse-after-free vulnerability in the SetMouseCapture implementation in mshtml.dll in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code via crafted JavaScript strings, as demonstrated by use of an ms-help: URL that triggers loading of hxds.dll.
SeverityHigh
CVSS score9,3
CVSS vector(AV:N/AC:M/Au:N/C:C/I:C/A:C)
PhaseAssigned (23.01.2014)
NVD:http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3893
ReferencesCONFIRM : http://blogs.technet.com/b/srd/archive/2013/09/17/...
 CONFIRM : http://blogs.technet.com/b/srd/archive/2013/10/08/...
 CONFIRM : http://technet.microsoft.com/security/advisory/288...
 MISC : http://pastebin.com/raw.php?i=Hx1L5gu6
 MS : MS13-080
 OVAL : oval:org.mitre.oval:def:18665
SecurityVulns:Microsoft Internet Explorer multiple security vulnerabilities

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 



Rating@Mail.ru