MicrosoftCVE-2013-5056CVE-2013-5056
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
Confidence
High
EPSS
Percentile
99.1%
Use-after-free vulnerability in the Scripting Runtime Object Library in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site that is visited with Internet Explorer, aka “Use-After-Free Vulnerability in Microsoft Scripting Runtime Object Library.”
Affected configurations
| Vendor | Product | Version | CPE |
|---|---|---|---|
| microsoft | windows_7 | - | cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:* |
| microsoft | windows_8 | - | cpe:2.3:o:microsoft:windows_8:-:*:*:*:*:*:*:* |
| microsoft | windows_8.1 | - | cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:* |
| microsoft | windows_rt | - | cpe:2.3:o:microsoft:windows_rt:-:*:*:*:*:*:*:* |
| microsoft | windows_rt_8.1 | - | cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:* |
| microsoft | windows_server_2003 | - | cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:*:*:*:* |
| microsoft | windows_server_2008 | - | cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:* |
| microsoft | windows_server_2008 | r2 | cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:itanium:* |
| microsoft | windows_server_2008 | r2 | cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:* |
| microsoft | windows_server_2012 | - | cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:* |
Related
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
Confidence
High
EPSS
Percentile
99.1%