Signature Detail
Short Name |
HTTP:STC:IE:10-UAF-MC |
|---|---|
Severity |
High |
Recommended |
Yes |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Microsoft Internet Explorer 10 Use After Free Memory Corruption |
Release Date |
2013/05/13 |
Update Number |
2262 |
Supported Platforms |
idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
HTTP: Microsoft Internet Explorer 10 Use After Free Memory Corruption
This signature detects attempts to exploit a known vulnerability against Microsoft Internet Explorer 10. A successful attack can lead to arbitrary code execution.
Extended Description
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2013, aka "Internet Explorer Use After Free Vulnerability," a different vulnerability than CVE-2013-1308 and CVE-2013-1309.
Affected Products
- microsoft internet_explorer 10
- microsoft internet_explorer 6
- microsoft internet_explorer 7
- microsoft internet_explorer 8
- microsoft internet_explorer 9
References
- CVE: CVE-2013-2551