Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2013-0015

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2013-0015
Last Modified 02 Nov 2013 11:29:19
Published 13 Feb 2013 07:04:11
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2013-0015

Summary

Microsoft Internet Explorer 6 through 9 does not properly perform auto-selection of the Shift JIS encoding, which allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site that triggers cross-domain scrolling events, aka "Shift JIS Character Encoding Vulnerability."

Vulnerable Systems

Application

  • Microsoft Internet Explorer 6

  • Microsoft Internet Explorer 7

  • Microsoft Internet Explorer 8

  • Microsoft Internet Explorer 9


References

MS - MS13-009

CERT - TA13-043B

Related Patches

MS13-009 Cumulative Security Update for Internet Explorer 7 for XP (KB2792100)

MS13-009 Cumulative Security Update for Internet Explorer 6 for XP (KB2792100)

MS13-009 Cumulative Security Update for Internet Explorer 8 for XP (KB2792100)

MS13-009 Cumulative Security Update for Internet Explorer 9 for Windows Server 2008 (KB2792100)

MS13-009 Cumulative Security Update for Internet Explorer 7 for Windows Server 2008 (KB2792100)

MS13-009 Cumulative Security Update for Internet Explorer 8 for Windows Server 2008 (KB2792100)

MS13-009 Cumulative Security Update for Internet Explorer 8 for 2003 (KB2792100)

MS13-009 Cumulative Security Update for Internet Explorer 7 for 2003 (KB2792100)

MS13-009 Cumulative Security Update for Internet Explorer 6 for 2003 (KB2792100)

MS13-009 Cumulative Security Update for Internet Explorer 9 for Windows 7 (KB2792100)

MS13-009 Cumulative Security Update for Internet Explorer 8 for Windows Embedded Standard 7 (KB2792100)

MS13-009 Cumulative Security Update for Internet Explorer 9 for Windows Embedded Standard 7 (KB2792100)

MS13-009 Cumulative Security Update for Internet Explorer 8 for Windows 7 (KB2792100)

MS13-009 Cumulative Security Update for Internet Explorer 7 for Windows Vista (KB2792100)

MS13-009 Cumulative Security Update for Internet Explorer 8 for Windows Vista (KB2792100)

MS13-009 Cumulative Security Update for Internet Explorer 9 for Windows Vista (KB2792100)

MS13-009 Cumulative Security Update for Internet Explorer 8 for Windows Server 2008 R2 x64 (KB2792100)

MS13-009 Cumulative Security Update for Internet Explorer 9 for Windows Server 2008 R2 x64 (KB2792100)

MS13-009 Cumulative Security Update for Internet Explorer 6 for Windows Server 2003 x64 (KB2792100)

MS13-009 Cumulative Security Update for Internet Explorer 7 for Windows Server 2003 x64 (KB2792100)

MS13-009 Cumulative Security Update for Internet Explorer 8 for Windows Server 2003 x64 (KB2792100)

MS13-009 Cumulative Security Update for Internet Explorer 8 for Windows 7 x64 (KB2792100)

MS13-009 Cumulative Security Update for Internet Explorer 8 for Windows Embedded Standard 7 x64 (KB2792100)

MS13-009 Cumulative Security Update for Internet Explorer 9 for Windows Embedded Standard 7 x64 (KB2792100)

MS13-009 Cumulative Security Update for Internet Explorer 9 for Windows 7 x64 (KB2792100)

MS13-009 Cumulative Security Update for Internet Explorer 7 for Windows Vista x64 (KB2792100)

MS13-009 Cumulative Security Update for Internet Explorer 9 for Windows Vista x64 (KB2792100)

MS13-009 Cumulative Security Update for Internet Explorer 8 for Windows Vista x64 (KB2792100)

MS13-009 Cumulative Security Update for Internet Explorer 9 for Windows Server 2008 x64 (KB2792100)

MS13-009 Cumulative Security Update for Internet Explorer 7 for Windows Server 2008 x64 (KB2792100)

MS13-009 Cumulative Security Update for Internet Explorer 8 for Windows Server 2008 x64 (KB2792100)


Last Updated: 27 May 2016 10:38:12