Test ID:	1.3.6.1.4.1.25623.1.0.903307
Category:	Windows : Microsoft Bulletins
Title:	Microsoft Internet Explorer Multiple Use After Free Vulnerabilities (2829530)
Summary:	This host is missing a critical security update according to; Microsoft Bulletin MS13-037.
Description:	Summary: This host is missing a critical security update according to Microsoft Bulletin MS13-037. Vulnerability Insight: Multiple unspecified use-after-free error occurs when accessing already freed memory. Vulnerability Impact: Successful exploitation will allow attackers to corrupt memory by the execution of arbitrary code in the context of the current user and gain access to potentially sensitive information stored in JSON data files. Affected Software/OS: Microsoft Internet Explorer version 6.x/7.x/8.x/9.x/10.x. Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2013-1297 Cert/CC Advisory: TA13-134A http://www.us-cert.gov/ncas/alerts/TA13-134A Microsoft Security Bulletin: MS13-037 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-037 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16518 Common Vulnerability Exposure (CVE) ID: CVE-2013-0811 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15979 Common Vulnerability Exposure (CVE) ID: CVE-2013-1306 https://www.exploit-db.com/exploits/40894/ http://blog.skylined.nl/20161208001.html http://packetstormsecurity.com/files/140092/Microsoft-Internet-Explorer-9-MSHTML-CDispNode-InsertSiblingNode-Use-After-Free.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16398 Common Vulnerability Exposure (CVE) ID: CVE-2013-1307 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16650 Common Vulnerability Exposure (CVE) ID: CVE-2013-1308 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16415 Common Vulnerability Exposure (CVE) ID: CVE-2013-1309 https://www.exploit-db.com/exploits/40893/ http://blog.skylined.nl/20161207001.html http://packetstormsecurity.com/files/140094/Microsoft-Internet-Explorer-MSHTML-CDispNode-InsertSiblingNode-Use-After-Free.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16396 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16738 Common Vulnerability Exposure (CVE) ID: CVE-2013-1310 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16689 Common Vulnerability Exposure (CVE) ID: CVE-2013-1311 Common Vulnerability Exposure (CVE) ID: CVE-2013-1312 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16328 Common Vulnerability Exposure (CVE) ID: CVE-2013-2551 http://h30499.www3.hp.com/t5/HP-Security-Research-Blog/Pwn2Own-2013/ba-p/5981157 http://twitter.com/VUPEN/statuses/309479075385327617 http://twitter.com/thezdi/statuses/309452625173176320 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16317 Common Vulnerability Exposure (CVE) ID: CVE-2013-3140 http://www.zerodayinitiative.com/advisories/ZDI-13-084/ https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15830
Copyright	Copyright (C) 2013 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.