Vulnerability in Microsoft Internet_explorer
CVE-2013-3846
Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted CSpliceTreeEngine::InsertSplice object in an HTML documen…
EPSS: 0.668 (98.6th percentile) — read the EPSS interpretation.
Affected products
- Microsoft Internet_explorer — versions 9, 10
- N/a — versions n/a
Weakness classification (CWE)
References
- MS13-055 (x_refsource_MS, vendor-advisory)
- secure@microsoft.com (x_refsource_MISC)