1. Symantec-Broadcom-Horizontal/
  2. Security Response/
  3. Attack Signatures/
  4. Web Attack: Microsoft Internet Explorer UAF CVE-2013-1311

Web Attack: Microsoft Internet Explorer UAF CVE-2013-1311

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects attempts to exploit a Remote Code Execution vulnerability in Microsoft Internet Explorer.

Additional Information

Microsoft Internet Explorer is a Web browser available for Microsoft Windows.

Internet Explorer is prone to a remote code-execution vulnerability due to a use-after-free condition. Specifically, this issue occurs when the application of a style sheet performs style computations on the DOM corrupting the 'textNode' pointer. This pointer is later overwritten when the 'innerHTML' property on the parent object is set.

Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage.

Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions.

Internet Explorer 8 is vulnerable.

Affected

  • Internet Explorer 8 is vulnerable.
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube