CVE Reference: CVE-2013-3846

NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE:
CVE-2013-3846

Description:
Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted CSpliceTreeEngine::InsertSplice object in an HTML document, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3143 and CVE-2013-3161.

CVE Status:
Candidate

References:

MS
  http://technet.microsoft.com/security/bulletin/MS13-055

MISC
  http://www.zerodayinitiative.com/advisories/ZDI-13-231/


Return to the previous page.