Executive Summary

Summary
TitleCumulative Security Update for Internet Explorer (2829530)
Informations
NameMS13-037First vendor Publication2013-05-14
VendorMicrosoftLast vendor Modification2013-05-22
Severity (Vendor) CriticalRevision1.1

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Cvss Base Score9.3Attack RangeNetwork
Cvss Impact Score10Attack ComplexityMedium
Cvss Expoit Score8.6AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

Revision Note: V1.1 (May 22, 2013): Corrected the Common Vulnerabilities and Exposures number for CVE-2013-3140. This is an informational change only.

Summary: This security update resolves eleven privately reported vulnerabilities in Internet Explorer. The most severe vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited the most severe of these vulnerabilities could gain the same user rights as the current user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Original Source

Url : http://technet.microsoft.com/en-us/security/bulletin/ms13-037

CWE : Common Weakness Enumeration

%idName
75 %CWE-416Use After Free
17 %CWE-399Resource Management Errors
8 %CWE-200Information Exposure

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:16650
 
Oval ID: oval:org.mitre.oval:def:16650
Title: Internet Explorer Use After Free Vulnerability - (CVE-2013-1307) MS13-037
Description: Use-after-free vulnerability in Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability," a different vulnerability than CVE-2013-0811.
Family: windows Class: vulnerability
Reference(s): CVE-2013-1307
Version: 5
Platform(s): Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows XP
Product(s): Microsoft Internet Explorer 8
Microsoft Internet Explorer 9
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16738
 
Oval ID: oval:org.mitre.oval:def:16738
Title: Internet Explorer Use After Free Vulnerability - (CVE-2013-1311) MS13-037
Description: Use-after-free vulnerability in Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2013-1311
Version: 9
Platform(s): Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows XP
Product(s): Microsoft Internet Explorer 8
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16415
 
Oval ID: oval:org.mitre.oval:def:16415
Title: Internet Explorer Use After Free Vulnerability - (CVE-2013-1308) MS13-037
Description: Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability," a different vulnerability than CVE-2013-1309 and CVE-2013-2551.
Family: windows Class: vulnerability
Reference(s): CVE-2013-1308
Version: 5
Platform(s): Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Vista
Microsoft Windows XP
Product(s): Microsoft Internet Explorer 6
Microsoft Internet Explorer 7
Microsoft Internet Explorer 8
Microsoft Internet Explorer 9
Microsoft Internet Explorer 10
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15979
 
Oval ID: oval:org.mitre.oval:def:15979
Title: Internet Explorer Use After Free Vulnerability - (CVE-2013-0811) MS13-037
Description: Use-after-free vulnerability in Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability," a different vulnerability than CVE-2013-1307.
Family: windows Class: vulnerability
Reference(s): CVE-2013-0811
Version: 5
Platform(s): Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows XP
Product(s): Microsoft Internet Explorer 8
Microsoft Internet Explorer 9
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15830
 
Oval ID: oval:org.mitre.oval:def:15830
Title: Internet Explorer Use After Free Vulnerability - (CVE-2013-3140) MS13-037
Description: Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted CMarkup object, aka "Internet Explorer Use After Free Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2013-3140
Version: 7
Platform(s): Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Product(s): Microsoft Internet Explorer 9
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16317
 
Oval ID: oval:org.mitre.oval:def:16317
Title: Internet Explorer Use After Free Vulnerability - (CVE-2013-2551) MS13-037
Description: Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2013, aka "Internet Explorer Use After Free Vulnerability," a different vulnerability than CVE-2013-1308 and CVE-2013-1309.
Family: windows Class: vulnerability
Reference(s): CVE-2013-2551
Version: 5
Platform(s): Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Vista
Microsoft Windows XP
Product(s): Microsoft Internet Explorer 6
Microsoft Internet Explorer 7
Microsoft Internet Explorer 8
Microsoft Internet Explorer 9
Microsoft Internet Explorer 10
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16396
 
Oval ID: oval:org.mitre.oval:def:16396
Title: Internet Explorer Use After Free Vulnerability - (CVE-2013-1309) MS13-037
Description: Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability," a different vulnerability than CVE-2013-1308 and CVE-2013-2551.
Family: windows Class: vulnerability
Reference(s): CVE-2013-1309
Version: 5
Platform(s): Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Vista
Microsoft Windows XP
Product(s): Microsoft Internet Explorer 6
Microsoft Internet Explorer 7
Microsoft Internet Explorer 8
Microsoft Internet Explorer 9
Microsoft Internet Explorer 10
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16398
 
Oval ID: oval:org.mitre.oval:def:16398
Title: Internet Explorer Use After Free Vulnerability - (CVE-2013-1306) MS13-037
Description: Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability," a different vulnerability than CVE-2013-1313.
Family: windows Class: vulnerability
Reference(s): CVE-2013-1306
Version: 5
Platform(s): Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Product(s): Microsoft Internet Explorer 9
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16385
 
Oval ID: oval:org.mitre.oval:def:16385
Title: Microsoft OLE Automation Remote Code Execution Vulnerability - MS13-020
Description: Object Linking and Embedding (OLE) Automation in Microsoft Windows XP SP3 does not properly allocate memory, which allows remote attackers to execute arbitrary code via a crafted RTF document, aka "OLE Automation Remote Code Execution Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2013-1313
Version: 6
Platform(s): Microsoft Windows XP
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16328
 
Oval ID: oval:org.mitre.oval:def:16328
Title: Internet Explorer Use After Free Vulnerability - (CVE-2013-1312) MS13-037
Description: Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2013-1312
Version: 5
Platform(s): Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Vista
Product(s): Microsoft Internet Explorer 9
Microsoft Internet Explorer 10
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16518
 
Oval ID: oval:org.mitre.oval:def:16518
Title: JSON Array Information Disclosure Vulnerability - (CVE-2013-1297) MS13-037
Description: Microsoft Internet Explorer 6 through 8 does not properly restrict data access by VBScript, which allows remote attackers to perform cross-domain reading of JSON files via a crafted web site, aka "JSON Array Information Disclosure Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2013-1297
Version: 5
Platform(s): Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows XP
Product(s): Microsoft Internet Explorer 6
Microsoft Internet Explorer 7
Microsoft Internet Explorer 8
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16689
 
Oval ID: oval:org.mitre.oval:def:16689
Title: Internet Explorer Use After Free Vulnerability - (CVE-2013-1310) MS13-037
Description: Use-after-free vulnerability in Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2013-1310
Version: 5
Platform(s): Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows XP
Product(s): Microsoft Internet Explorer 6
Microsoft Internet Explorer 7
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application5
Os1

SAINT Exploits

DescriptionLink
Internet Explorer textNode Style Computation Use After Free VulnerabilityMore info here
Internet Explorer VML Dashstyle Attributes Integer OverflowMore info here

ExploitDB Exploits

idDescription
2013-06-13MS13-009 Microsoft Internet Explorer COALineDashStyleArray Integer Overflow
2013-06-07Microsoft Internet Explorer textNode Use-After-Free

Snort® IPS/IDS

DateDescription
2019-04-18Microsoft Office MSCOMCTL ActiveX control tabstrip method attempt
RuleID : 49496 - Revision : 1 - Type : FILE-OFFICE
2019-04-18Microsoft Office MSCOMCTL ActiveX control tabstrip method attempt
RuleID : 49494 - Revision : 1 - Type : FILE-OFFICE
2015-04-30Nuclear exploit kit obfuscated file download
RuleID : 33983 - Revision : 4 - Type : EXPLOIT-KIT
2015-04-30Nuclear exploit kit landing page detected
RuleID : 33982 - Revision : 3 - Type : EXPLOIT-KIT
2014-11-16Microsoft Internet Explorer CSS .ipsum layout use-after-free attempt
RuleID : 31585 - Revision : 3 - Type : BROWSER-IE
2014-11-16Microsoft Internet Explorer CSS .ipsum layout use-after-free attempt
RuleID : 31584 - Revision : 3 - Type : BROWSER-IE
2014-03-15Microsoft Internet Explorer 8 deleted object access via timer memory corrupti...
RuleID : 29803 - Revision : 3 - Type : BROWSER-IE
2014-03-15Microsoft Internet Explorer 8 deleted object access via timer memory corrupti...
RuleID : 29802 - Revision : 3 - Type : BROWSER-IE
2014-03-06Microsoft Internet Explorer VML array with negative length memory corruption ...
RuleID : 29602 - Revision : 3 - Type : BROWSER-IE
2014-01-10Nuclear exploit kit Microsoft Internet Explorer vulnerability request
RuleID : 28424 - Revision : 2 - Type : EXPLOIT-KIT
2014-01-10Himan exploit kit landing page
RuleID : 28307 - Revision : 2 - Type : EXPLOIT-KIT
2014-01-10Microsoft Internet Explorer 8 deleted object access via timer memory corrupti...
RuleID : 27062 - Revision : 2 - Type : BROWSER-IE
2014-01-10Microsoft Internet Explorer 8 deleted object access via timer memory corrupti...
RuleID : 27061 - Revision : 3 - Type : BROWSER-IE
2014-01-10Microsoft Internet Explorer CDispNode float css element use after free attempt
RuleID : 26754 - Revision : 2 - Type : BROWSER-IE
2014-01-10Microsoft Internet Explorer CDispNode float css element use after free attempt
RuleID : 26753 - Revision : 3 - Type : BROWSER-IE
2014-01-10Microsoft Internet Explorer runtimeStyle memory corruption attempt
RuleID : 26642 - Revision : 3 - Type : BROWSER-IE
2014-01-10Microsoft Internet Explorer runtimeStyle memory corruption attempt
RuleID : 26641 - Revision : 4 - Type : BROWSER-IE
2014-01-10Microsoft Internet Explorer VML array with negative length memory corruption ...
RuleID : 26638 - Revision : 6 - Type : BROWSER-IE
2014-01-10Microsoft Internet Explorer DCOMTextNode object use after free attempt
RuleID : 26637 - Revision : 6 - Type : BROWSER-IE
2014-01-10Microsoft Internet Explorer DCOMTextNode object use after free attempt
RuleID : 26636 - Revision : 6 - Type : BROWSER-IE
2014-01-10Microsoft Internet Explorer 8 deleted object access via timer memory corrupti...
RuleID : 26635 - Revision : 4 - Type : BROWSER-IE
2014-01-10Microsoft Internet Explorer 8 deleted object access via timer memory corrupti...
RuleID : 26634 - Revision : 5 - Type : BROWSER-IE
2014-01-10Microsoft Internet Explorer html reload loop attempt
RuleID : 26633 - Revision : 7 - Type : BROWSER-IE
2014-01-10Microsoft Internet Explorer CDispNode float css element use after free attempt
RuleID : 26631 - Revision : 2 - Type : BROWSER-IE
2014-01-10Microsoft Internet Explorer CDispNode float css element use after free attempt
RuleID : 26630 - Revision : 3 - Type : BROWSER-IE
2014-01-10Microsoft Internet Explorer setInterval focus use after free attempt
RuleID : 26629 - Revision : 3 - Type : BROWSER-IE
2014-01-10Microsoft Internet Explorer 7-9 VBScript JSON reference information disclosur...
RuleID : 26625 - Revision : 3 - Type : BROWSER-IE
2014-01-10Microsoft Internet Explorer 7-9 VBScript JSON reference information disclosur...
RuleID : 26624 - Revision : 4 - Type : BROWSER-IE
2014-01-10Microsoft Office MSCOMCTL ActiveX control tabstrip method attempt
RuleID : 24006 - Revision : 13 - Type : FILE-OFFICE
2014-01-10Microsoft Office MSCOMCTL ActiveX control tabstrip method arbitrary code exec...
RuleID : 23845 - Revision : 8 - Type : FILE-MULTIMEDIA
2014-01-10Microsoft Office MSCOMCTL ActiveX control tabstrip method attempt
RuleID : 23844 - Revision : 14 - Type : FILE-OFFICE

Metasploit Database

idDescription
2013-03-06 MS13-037 Microsoft Internet Explorer COALineDashStyleArray Integer Overflow

Nessus® Vulnerability Scanner

DateDescription
2013-05-15Name : The remote host is affected by multiple code execution vulnerabilities.
File : smb_nt_ms13-037.nasl - Type : ACT_GATHER_INFO
2013-02-12Name : The remote Windows host is affected by a remote code execution vulnerability.
File : smb_nt_ms13-020.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
9
10
11
DateInformations
2014-11-16 21:25:25
  • Multiple Updates
2014-03-15 21:20:36
  • Multiple Updates
2014-03-06 21:20:52
  • Multiple Updates
2014-02-17 11:47:39
  • Multiple Updates
2014-01-19 21:30:56
  • Multiple Updates
2013-12-16 21:25:31
  • Multiple Updates
2013-10-08 00:22:57
  • Multiple Updates
2013-07-20 13:22:26
  • Multiple Updates
2013-07-05 10:07:26
  • Multiple Updates
2013-05-23 00:15:37
  • Multiple Updates
2013-05-15 13:21:21
  • Multiple Updates
2013-05-14 21:15:51
  • First insertion