Microsoft Internet Explorer Multiple Use After Free Vulnerabilities (2817183) Network Vulnerability

Summary

This host is missing a critical security update according to Microsoft Bulletin MS13-028.

Impact

Successful exploitation will allow attackers to execute arbitrary HTML or script code in the context of the current user. Impact Level: Application

Solution

Run Windows Update and update the listed hotfixes or download and update mentioned hotfixes in the advisory from the below link, http://technet.microsoft.com/en-us/security/bulletin/ms13-028

Insight

Unspecified use-after-free error occurs when dereference already freed memory.

Affected

Microsoft Internet Explorer version 6.x/7.x/8.x/9.x/10.x

References

http://secunia.com/advisories/52874
http://www.osvdb.com/92120
http://www.osvdb.com/92121
https://technet.microsoft.com/en-us/security/bulletin/ms13-028

Updated on 2017-03-28

Severity

Classification

CVE CVE-2013-1303, CVE-2013-1304, CVE-2013-1338

CVSS	Base Score: 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Microsoft Internet Explorer Multiple Memory Corruption Vulnerabilities (2870699)
Microsoft Internet Explorer Data Stream Handling Remote Code Execution Vulnerability (947864)
Microsoft .NET Framework and Microsoft Silverlight Remote Code Execution Vulnerabilities (2651026)
Cumulative Security Update for Internet Explorer (958215)
Cumulative Security Update for Internet Explorer (950759)

Take action and discover your vulnerabilities