<< Back
CVE Number Vulnerability Product Severity Date
Microsoft Security Advisory (2887505) Vulnerability in Internet Explorer Could Allow Remote Code Execution Internet Explorer Critical 18-09-2013

Technical Information

Brief overview of the risk:
This is a remote code execution vulnerability which affects Internet Explorer version 8 and Internet Explorer version 9.
Detailed Information on the risk:

Triggering the vulnerability may cause memory corruption within the Internet Explorer 8 process in a way that could allow remote execution of arbitrary code in the context of the current user within Internet Explorer. The vulnerability exists in the way that Internet Explorer accesses deleted objects (use-after-free) or an object that has not been properly allocated. Attempts to exploit this vulnerability will be blocked as Exploit (0040f61d1). This detection is based on advice and PoCs provided by the Microsoft Active Protections Program. We are currently monitoring our telemetry data for any hits of this threat in the wild.


Further information on this exploit is available at : Microsoft Security Advisory 2887505

Affected Software

Internet Explorer 6
Internet Explorer 7
Internet Explorer 8
Internet Explorer 9
Internet Explorer 10
Internet Explorer 11