CVE-2013-3893: CVE-2013-3893

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2013-3893

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Use-after-free vulnerability in the SetMouseCapture implementation in mshtml.dll in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code via crafted JavaScript strings, as demonstrated by use of an ms-help: URL that triggers loading of hxds.dll.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Microsoft Internet Explorer 远程代码执行漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Internet Explorer（IE）是美国微软（Microsoft）公司开发的一款Web浏览器，是Windows操作系统附带的默认浏览器。 Microsoft IE 6至11版本中的mshtml.dll文件中的SetMouseCapture功能实现中存在远程代码执行漏洞，该漏洞源于程序访问内存中已被删除或尚未正确分配的对象。攻击者可借助特制的网站并诱使用户查看该网站，利用该漏洞在IE中的当前用户的上下文中执行任意代码，可造成内存损坏。成功利用此漏洞的攻击者可获得与当前用户相同的用户权限。如果当前用户

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2013-3893

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2013-3893

Please Login to view more intelligence information

http://blogs.technet.com/b/srd/archive/2013/10/08/ms13-080-addresses-two-vulnerabilities-under-limited-targeted-attacks.aspxx_refsource_CONFIRM
http://packetstormsecurity.com/files/162585/Microsoft-Internet-Explorer-8-SetMouseCapture-Use-After-Free.htmlx_refsource_MISC
http://pastebin.com/raw.php?i=Hx1L5gu6x_refsource_MISC
http://technet.microsoft.com/security/advisory/2887505x_refsource_CONFIRM
http://blogs.technet.com/b/srd/archive/2013/09/17/cve-2013-3893-fix-it-workaround-available.aspxx_refsource_CONFIRM
http://www.securityfocus.com/bid/62453vdb-entryx_refsource_BID
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-080vendor-advisoryx_refsource_MS
http://www.us-cert.gov/ncas/alerts/TA13-288Athird-party-advisoryx_refsource_CERT
http://jvn.jp/en/jp/JVN27443259/index.htmlthird-party-advisoryx_refsource_JVN
http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-000093.htmlthird-party-advisoryx_refsource_JVNDB
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18665vdb-entrysignaturex_refsource_OVAL
https://nvd.nist.gov/vuln/detail/CVE-2013-3893

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2013-3893

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

I. Basic Information for CVE-2013-3893

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2013-3893

III. Intelligence Information for CVE-2013-3893

IV. Related Vulnerabilities

V. Comments for CVE-2013-3893

Leave a comment