CVE Number | Vulnerability | Product | Severity | Date |
---|---|---|---|---|
Microsoft Security Advisory (2887505) | Vulnerability in Internet Explorer Could Allow Remote Code Execution | Internet Explorer | Critical | 18-09-2013 |
Technical Information
Brief overview of the risk:
This is a remote code execution vulnerability which affects Internet Explorer version 8 and Internet Explorer version 9.
Detailed Information on the risk:
Triggering the vulnerability may cause memory corruption within the Internet Explorer 8 process in a way that could allow remote execution of arbitrary code in the context of the current user within Internet Explorer. The vulnerability exists in the way that Internet Explorer accesses deleted objects (use-after-free) or an object that has not been properly allocated. Attempts to exploit this vulnerability will be blocked as Exploit (0040f61d1). This detection is based on advice and PoCs provided by the Microsoft Active Protections Program. We are currently monitoring our telemetry data for any hits of this threat in the wild.
Further information on this exploit is available at : Microsoft Security Advisory 2887505
Affected Software
Internet Explorer 6Internet Explorer 7
Internet Explorer 8
Internet Explorer 9
Internet Explorer 10
Internet Explorer 11