CVE-2013-1313
published 2013-02-13CVE-2013-1313: Object Linking and Embedding (OLE) Automation in Microsoft Windows XP SP3 does not properly allocate memory, which allows remote attackers to execute arbitrary…
PriorityP355critical9.3CVSS 2.0
AVNACMAuNCCICAC
EPSS
22.70%
97.4th percentile
Object Linking and Embedding (OLE) Automation in Microsoft Windows XP SP3 does not properly allocate memory, which allows remote attackers to execute arbitrary code via a crafted RTF document, aka "OLE Automation Remote Code Execution Vulnerability."
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | internet_explorer | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-fqjw-c53g-2jq8: Object Linking and Embedding (OLE) Automation in Microsoft Windows XP SP3 does not properly allocate memory, which allows remote attackers to execute
ghsa_unreviewed·2022-05-14
CVE-2013-1313 [HIGH] GHSA-fqjw-c53g-2jq8: Object Linking and Embedding (OLE) Automation in Microsoft Windows XP SP3 does not properly allocate memory, which allows remote attackers to execute
Object Linking and Embedding (OLE) Automation in Microsoft Windows XP SP3 does not properly allocate memory, which allows remote attackers to execute arbitrary code via a crafted RTF document, aka "OLE Automation Remote Code Execution Vulnerability."
GHSA
GHSA-764w-g8wq-qgg3: Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers a
ghsa_unreviewed·2022-05-14·CVSS 9.3
CVE-2013-1306 [CRITICAL] CWE-416 GHSA-764w-g8wq-qgg3: Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers a
Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability," a different vulnerability than CVE-2013-1313.
No detection rules found.
No public exploits indexed.
http://www.us-cert.gov/cas/techalerts/TA13-043B.htmlhttps://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-020https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-037https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16385http://www.us-cert.gov/cas/techalerts/TA13-043B.htmlhttps://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-020https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-037https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16385
2013-02-13
Published