You are here

V-149: Microsoft Internet Explorer Object Access Bug Lets Remote Users Execute Arbitrary Code

May 6, 2013 - 12:07am

Addthis

PROBLEM:

Microsoft Internet Explorer Object Access Bug Lets Remote Users Execute Arbitrary Code

PLATFORM:

Internet Explorer 8

ABSTRACT:

A vulnerability was reported in Microsoft Internet Explorer.

REFERENCE LINKS:

SecurityTracker Alert ID:  1028514
Microsoft Security Advisory (2847140)
CVE-2013-1347

IMPACT ASSESSMENT:

Medium

DISCUSSION:

A remote user can create specially crafted HTML that, when loaded by the target user, will access and object that has been deleted or not properly allocated and execute arbitrary code on the target system. The code will run with the privileges of the target user.

IMPACT:

A remote user can cause arbitrary code to be executed on the target user's system.

SOLUTION:

No solution was available at the time of this entry.

Addthis