SAINT Corporation (saint)
SAINT:8DC1428F9C82E8A5C43A38AB80B5193A
Oct 10, 2013 - 12:00 a.m.

Internet Explorer CDisplayPointer Object onpropertychange Use-After-Free

download.saintcorporation.com

CVSS2: 9.3
Attack Vector: NETWORK
Attack Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS3: 8.8
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: REQUIRED
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS: 0.97
Percentile: 99.8%

Added: 10/10/2013
CVE: CVE-2013-3897
BID: 62811
OSVDB: 98207

Background

Internet Explorer is a web browser that ships by default with Microsoft operating systems.

Problem

Microsoft Internet Explorer contains a use-after-free error when processing **CDisplayPointer** objects contained in **mshtml.dll**. The use-after-free memory corruption can be triggered by the **onpropertychange** event. A remote attacker who persuades a user to open a specially crafted web page in a vulnerable version of Internet Explorer could execute arbitrary code in the context of the current user.

Resolution

Apply the KB2879017 update for Internet Explorer.

References

<http://technet.microsoft.com/en-us/security/bulletin/MS13-080>
<http://vrt-blog.snort.org/2013/10/ie-zero-day-cve-2013-3897-youve-been.html>

Limitations

Exploit works on Microsoft Internet Explorer 8 on Windows XP SP3 English (DEP OptIn) and Windows 7 SP1 (DEP OptIn).

JRE 6 must be installed on Windows 7.

The user must open the exploit in Internet Explorer 8.

Platforms

Windows
