CVE-2013-3163
CVE-2013-3163
In short
Internet Explorer 8-10 can crash or run malicious code when you visit a specially designed website. This happens because the browser doesn't properly manage its memory, allowing attackers to take control of your computer.
Technical detail
Remote code execution or denial of service vulnerability in Internet Explorer 8-10 via memory corruption. Attack vector is network-based through a crafted web page; no user interaction beyond visiting the site is required. Successful exploitation can lead to arbitrary code execution with user privileges or application crash.
Summary generated and translated by AI from the official description.
Microsoft Internet Explorer 8 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3144 and CVE-2013-3151.
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected products
n/a · n/apublic PoCs found — 1
exploitdbwww.exploit-db.com/exploits/28187unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-055https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17363https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2013-3163http://www.us-cert.gov/ncas/alerts/TA13-190A