Microsoft Internet Explorer VML Remote Code Execution Vulnerability (2797052) Network Vulnerability

Summary

This host is missing a critical security update according to Microsoft Bulletin MS13-010.

Impact

Successful exploitation will allow attackers to execute arbitrary code and failed attacks will cause denial of service. Impact Level: System/Application

Solution

Run Windows Update and update the listed hotfixes or download and update mentioned hotfixes in the advisory from the below link, http://technet.microsoft.com/en-us/security/bulletin/ms13-010

Insight

The flaw is due to an unspecified error when handling certain VML data and can be exploited to corrupt memory.

Affected

Microsoft Internet Explorer version 6.x/7.x/8.x/9.x/10.x

References

http://secunia.com/advisories/52129/
http://support.microsoft.com/kb/2797052
https://technet.microsoft.com/en-us/security/bulletin/ms13-010

Updated on 2015-03-25

Severity

Classification

CVE CVE-2013-0030

CVSS	Base Score: 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Blended Threat Vulnerability in SearchPath Could Allow Elevation of Privilege (959426)
Microsoft Ancillary Function Driver Elevation of Privilege Vulnerability (956803)
Microsoft Active Directory LDAP Remote Code Execution Vulnerability (969805)
Microsoft Distributed File System Remote Code Execution Vulnerabilities (2535512)
Microsoft .NET Common Language Runtime Remote Code Execution Vulnerability (2265906)

Take action and discover your vulnerabilities