Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2013-5045

Overview

Vulnerability Score 6.2 6.2
CVE Id CVE-2013-5045
Last Modified 17 Jul 2014 01:00:18
Published 10 Dec 2013 07:55:03
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity HIGH
Authentication NONE

CVE-2013-5045

Summary

Microsoft Internet Explorer 10 and 11 allows local users to bypass the Protected Mode protection mechanism, and consequently gain privileges, by leveraging the ability to execute sandboxed code, aka "Internet Explorer Elevation of Privilege Vulnerability."

Vulnerable Systems

Application

  • Microsoft Internet Explorer 10

  • Microsoft Internet Explorer 11


References

MS - MS13-097

MISC - http://packetstormsecurity.com/files/127245/MS13-097-Registry-Symlink-IE-Sandbox-Escape.html

Related Patches

MS13-097 Cumulative Security Update for Internet Explorer 8 for Windows Server 2003 (KB2898785)

MS13-097 Cumulative Security Update for Internet Explorer 6 for Windows Server 2003 (KB2898785)

MS13-097 Cumulative Security Update for Internet Explorer 7 for Windows Server 2003 (KB2898785)

MS13-097 Cumulative Security Update for Internet Explorer 8 for Windows Server 2008 (KB2898785)

MS13-097 Cumulative Security Update for Internet Explorer 9 for Windows Server 2008 (KB2898785)

MS13-097 Cumulative Security Update for Internet Explorer 7 for Windows Server 2008 (KB2898785)

MS13-097 Cumulative Security Update for Internet Explorer 6 for Windows XP (KB2898785)

MS13-097 Cumulative Security Update for Internet Explorer 7 for Windows XP (KB2898785)

MS13-097 Cumulative Security Update for Internet Explorer 8 for Windows XP (KB2898785)

MS13-097 Cumulative Security Update for Internet Explorer 9 for Windows Vista (KB2898785)

MS13-097 Cumulative Security Update for Internet Explorer 8 for Windows Vista (KB2898785)

MS13-097 Cumulative Security Update for Internet Explorer 7 for Windows Vista (KB2898785)

MS13-097 Cumulative Security Update for Internet Explorer 6 for Windows Server 2003 x64 (KB2898785)

MS13-097 Cumulative Security Update for Internet Explorer 8 for Windows Server 2003 x64 (KB2898785)

MS13-097 Cumulative Security Update for Internet Explorer 7 for Windows Server 2003 x64 (KB2898785)

MS13-097 Cumulative Security Update for Internet Explorer 9 for Windows Server 2008 x64 (KB2898785)

MS13-097 Cumulative Security Update for Internet Explorer 8 for Windows Server 2008 x64 (KB2898785)

MS13-097 Cumulative Security Update for Internet Explorer 7 for Windows Server 2008 x64 (KB2898785)

MS13-097 Cumulative Security Update for Internet Explorer 9 for Windows Vista x64 (KB2898785)

MS13-097 Cumulative Security Update for Internet Explorer 7 for Windows Vista x64 (KB2898785)

MS13-097 Cumulative Security Update for Internet Explorer 8 for Windows Vista x64 (KB2898785)


Last Updated: 27 May 2016 11:05:46