CVE-2013-0030Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft Internet Explorer

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer14 documents4 sources
Severity
9.3CRITICALNVD
EPSS
35.0%
top 2.96%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Microsoft Internet Explorer
Timeline
PublishedFeb 13
Latest updateMay 5

Description

The Vector Markup Language (VML) implementation in Microsoft Internet Explorer 6 through 10 does not properly allocate buffers, which allows remote attackers to execute arbitrary code via a crafted web site, aka "VML Memory Corruption Vulnerability."

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages1 packages

NVDmicrosoft/internet_explorer5 versions+4

🔴Vulnerability Details

1
GHSA
GHSA-x9m7-4882-58w9: The Vector Markup Language (VML) implementation in Microsoft Internet Explorer 6 through 10 does not properly allocate buffers, which allows remote at2022-05-05

🕵️Threat Intelligence

1
Zscaler
Zscaler found Multiple Security Vulnerabilities | 02-12-2013

💬Community

10
Bugzilla
CVE-2013-5904 Oracle JDK: unspecified vulnerability fixed in 7u51 (Deployment)2014-01-15
Bugzilla
CVE-2013-5906 Oracle JDK: unspecified vulnerability fixed in 5.0u71, 6u71 and 7u51 (Install)2014-01-15
Bugzilla
CVE-2013-5889 Oracle JDK: unspecified vulnerability fixed in 6u71 and 7u51 (Deployment)2014-01-15
Bugzilla
CVE-2013-5898 Oracle JDK: unspecified vulnerability fixed in 6u71 and 7u51 (Deployment)2014-01-15
Bugzilla
CVE-2013-5899 Oracle JDK: unspecified vulnerability fixed in 6u71 and 7u51 (Deployment)2014-01-15
CVE-2013-0030 — Microsoft vulnerability | cvebase