Microsoft Internet Explorer Multiple Use After Free Vulnerabilities (2817183) Network Vulnerability

Summary

This host is missing a critical security update according to Microsoft Bulletin MS13-028.

Impact

Successful exploitation will allow attackers to execute arbitrary HTML or script code in the context of the current user. Impact Level: Application

Solution

Run Windows Update and update the listed hotfixes or download and update mentioned hotfixes in the advisory from the below link, http://technet.microsoft.com/en-us/security/bulletin/ms13-028

Insight

Unspecified use-after-free error occurs when dereference already freed memory.

Affected

Microsoft Internet Explorer version 6.x/7.x/8.x/9.x/10.x

References

http://secunia.com/advisories/52874
http://www.osvdb.com/92120
http://www.osvdb.com/92121
https://technet.microsoft.com/en-us/security/bulletin/ms13-028

Updated on 2017-03-28

Severity

Classification

CVE CVE-2013-1303, CVE-2013-1304, CVE-2013-1338

CVSS	Base Score: 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Microsoft .NET Framework Remote Code Execution Vulnerability (2484015)
Microsoft .NET Framework Privilege Elevation Vulnerability (2958732)
Buffer Overrun in the ListBox and in the ComboBox (824141)
Microsoft Groove Remote Code Execution Vulnerability (2494047)
Internet Information Services (IIS) FTP Service Remote Code Execution Vulnerability (2489256)

Take action and discover your vulnerabilities