Use-After-Free Vulnerability in Microsoft Windows Products
CVE-2013-5056

Currently unrated

Key Information:

Vendor: Microsoft
Status: Windows Server 2008; Windows Server 2012; Windows Rt; Windows 8.1
Vendor: CVE Published:; 11 December 2013

Summary

The vulnerability involves a flaw within the Scripting Runtime Object Library in various Microsoft Windows versions, leading to a use-after-free scenario. This issue allows remote attackers to exploit the vulnerability through crafted web pages accessed via Internet Explorer. Successful exploitation could enable arbitrary code execution or cause memory corruption, potentially resulting in a denial of service.

References

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

EPSS Score

37% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Dec 11, 2013
Vulnerability Reserved
Aug 6, 2013