CVE-2013-5046Improper Input Validation in Microsoft Internet Explorer

CWE-20Improper Input Validation4 documents3 sources
Severity
6.2MEDIUMNVD
EPSS
2.6%
top 14.45%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Microsoft Internet Explorer
Timeline
PublishedDec 11
Latest updateMay 14

Description

Microsoft Internet Explorer 7 through 11 allows local users to bypass the Protected Mode protection mechanism, and consequently gain privileges, by leveraging the ability to execute sandboxed code, aka "Internet Explorer Elevation of Privilege Vulnerability."

CVSS vector

AV:L/AC:H/C:C/I:C/A:CExploitability: 1.9 | Impact: 10.0

Affected Packages1 packages

NVDmicrosoft/internet_explorer5 versions+4

🔴Vulnerability Details

1
GHSA
GHSA-j4ch-cmrf-qx97: Microsoft Internet Explorer 7 through 11 allows local users to bypass the Protected Mode protection mechanism, and consequently gain privileges, by le2022-05-14

🕵️Threat Intelligence

2
Talos
Microsoft Update Tuesday: December 2013, some 0-day fixes2013-12-10
Talos
Microsoft Update Tuesday: December 2013, some 0-day fixes2013-12-10
CVE-2013-5046 — Improper Input Validation in Microsoft | cvebase