fkie_cve-2013-2551
Vulnerability from fkie_nvd
Published: 2013-03-11 10:55
Modified: 2025-02-07 15:15
Severity: 8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2013, aka "Internet Explorer Use After Free Vulnerability," a different vulnerability than CVE-2013-1308 and CVE-2013-1309.
{ cisaActionDue: "2022-04-18", cisaExploitAdd: "2022-03-28", cisaRequiredAction: "Apply updates per vendor instructions.", cisaVulnerabilityName: "Microsoft Internet Explorer Use-After-Free Vulnerability", configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:microsoft:internet_explorer:6:*:*:*:*:*:*:*", matchCriteriaId: "693D3C1C-E3E4-49DB-9A13-44ADDFF82507", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:*:*:*:*", matchCriteriaId: "1D929AA2-EE0B-4AA1-805D-69BCCA11B77F", vulnerable: false, }, { criteria: "cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:professional:*:x64:*", matchCriteriaId: "C6109348-BC79-4ED3-8D41-EA546A540C79", vulnerable: false, }, { criteria: "cpe:2.3:o:microsoft:windows_xp:-:sp3:*:*:*:*:*:*", matchCriteriaId: "C9392D35-7BF5-48E9-879B-BBDE9A9E9AB9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:microsoft:internet_explorer:7:*:*:*:*:*:*:*", matchCriteriaId: "1A33FA7F-BB2A-4C66-B608-72997A2BD1DB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:*:*:*:*", matchCriteriaId: "1D929AA2-EE0B-4AA1-805D-69BCCA11B77F", vulnerable: false, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", matchCriteriaId: "5F422A8C-2C4E-42C8-B420-E0728037E15C", vulnerable: false, }, { criteria: "cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*", matchCriteriaId: "BF1AD1A1-EE20-4BCE-9EE6-84B27139811C", vulnerable: false, }, { criteria: "cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:professional:*:x64:*", matchCriteriaId: "C6109348-BC79-4ED3-8D41-EA546A540C79", vulnerable: false, }, { criteria: "cpe:2.3:o:microsoft:windows_xp:-:sp3:*:*:*:*:*:*", matchCriteriaId: "C9392D35-7BF5-48E9-879B-BBDE9A9E9AB9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: 
[ { cpeMatch: [ { criteria: "cpe:2.3:a:microsoft:internet_explorer:8:*:*:*:*:*:*:*", matchCriteriaId: "A52E757F-9B41-43B4-9D67-3FEDACA71283", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", matchCriteriaId: "C2B1C231-DE19-4B8F-A4AA-5B3A65276E46", vulnerable: false, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:*:*:*:*", matchCriteriaId: "1D929AA2-EE0B-4AA1-805D-69BCCA11B77F", vulnerable: false, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", matchCriteriaId: "5F422A8C-2C4E-42C8-B420-E0728037E15C", vulnerable: false, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*", matchCriteriaId: "2ACA9287-B475-4AF7-A4DA-A7143CEF9E57", vulnerable: false, }, { criteria: "cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*", matchCriteriaId: "BF1AD1A1-EE20-4BCE-9EE6-84B27139811C", vulnerable: false, }, { criteria: "cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:professional:*:x64:*", matchCriteriaId: "C6109348-BC79-4ED3-8D41-EA546A540C79", vulnerable: false, }, { criteria: "cpe:2.3:o:microsoft:windows_xp:-:sp3:*:*:*:*:*:*", matchCriteriaId: "C9392D35-7BF5-48E9-879B-BBDE9A9E9AB9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:microsoft:internet_explorer:9:-:*:*:*:*:*:*", matchCriteriaId: "80235DF1-9241-4DBD-B436-6AC38EFBCF32", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", matchCriteriaId: "C2B1C231-DE19-4B8F-A4AA-5B3A65276E46", vulnerable: false, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", matchCriteriaId: "5F422A8C-2C4E-42C8-B420-E0728037E15C", vulnerable: false, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", matchCriteriaId: "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F", vulnerable: false, }, { 
criteria: "cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*", matchCriteriaId: "BF1AD1A1-EE20-4BCE-9EE6-84B27139811C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:microsoft:internet_explorer:10:*:*:*:*:*:*:*", matchCriteriaId: "D5808661-A082-4CBE-808C-B253972487B4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", matchCriteriaId: "C2B1C231-DE19-4B8F-A4AA-5B3A65276E46", vulnerable: false, }, { criteria: "cpe:2.3:o:microsoft:windows_8:-:*:*:*:*:*:*:*", matchCriteriaId: "0D229E41-A971-4284-9657-16D78414B93F", vulnerable: false, }, { criteria: "cpe:2.3:o:microsoft:windows_rt:-:*:*:*:*:*:*:*", matchCriteriaId: "ABC7A32C-4A4A-4533-B42E-350E728ADFEB", vulnerable: false, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", matchCriteriaId: "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F", vulnerable: false, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", matchCriteriaId: "A7DF96F8-BA6A-4780-9CA3-F719B3F81074", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2013, aka \"Internet Explorer Use After Free Vulnerability,\" a different vulnerability than CVE-2013-1308 and CVE-2013-1309.", }, { lang: "es", value: "Vulnerabilidad no especificada en Microsoft Internet Explorer 10 en Windows 8 permite a atacantes remotos ejecutar código de su elección a través de vectores desconocidos, como se mostró por VUPEN durante la competición Pwn2Own en CanSecWest 2013.", }, ], evaluatorComment: "CWE 416 User-after-free 
\n\nhttp://cwe.mitre.org/data/definitions/416.html", id: "CVE-2013-2551", lastModified: "2025-02-07T15:15:12.657", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 9.3, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:M/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2013-03-11T10:55:01.070", references: [ { source: "cve@mitre.org", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://h30499.www3.hp.com/t5/HP-Security-Research-Blog/Pwn2Own-2013/ba-p/5981157", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://twitter.com/VUPEN/statuses/309479075385327617", }, { source: "cve@mitre.org", tags: [ "Not Applicable", ], url: 
"http://twitter.com/thezdi/statuses/309452625173176320", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "US Government Resource", ], url: "http://www.us-cert.gov/ncas/alerts/TA13-134A", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-037", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16317", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://h30499.www3.hp.com/t5/HP-Security-Research-Blog/Pwn2Own-2013/ba-p/5981157", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://twitter.com/VUPEN/statuses/309479075385327617", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Not Applicable", ], url: "http://twitter.com/thezdi/statuses/309452625173176320", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "http://www.us-cert.gov/ncas/alerts/TA13-134A", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-037", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16317", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-416", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-416", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
Sightings
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.