Use-after-free vulnerability in the CDisplayPointer class in mshtml.dll in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted JavaScript code that uses the onpropertychange event handler, as exploited in the wild in September and October 2013, aka "Internet Explorer Memory Corruption Vulnerability."
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: microsoft
Published: 2013-10-09T14:44:00
Updated: 2024-08-06T16:22:01.567Z
Reserved: 2013-06-03T00:00:00
Link: CVE-2013-3897
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2013-10-09T14:54:25.747
Modified: 2024-12-19T18:30:40.597
Link: CVE-2013-3897
Redhat
No data.