CVE-2013-5046

CVSS v2.0 6.2 MEDIUM

6.2^/10

CVSS v2.0 : MEDIUM

Vector : AV:L/AC:H/Au:N/C:C/I:C/A:C

Exploitability : 1.9 / Impact : 10.0

Access Vector LOCAL

Access Complexity HIGH

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

M

icrosoft Internet Explorer 7 through 11 allows local users to bypass the Protected Mode protection mechanism, and consequently gain privileges, by leveraging the ability to execute sandboxed code, aka "Internet Explorer Elevation of Privilege Vulnerability."

References

Link	Resource
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-097
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-097

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:microsoft:internet_explorer:7:::::::*
	cpe:2.3:a:microsoft:internet_explorer:8:::::::*
	cpe:2.3:a:microsoft:internet_explorer:9:::::::*
	cpe:2.3:a:microsoft:internet_explorer:10:::::::*
	cpe:2.3:a:microsoft:internet_explorer:11:-::::::

History

21 Nov 2024, 01:56

Type	Values Removed	Values Added
References	~~() https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-097 -~~	() https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-097 -

Information

Published : 2013-12-11 00:55

Updated : 2025-04-11 00:51

NVD link : CVE-2013-5046

Mitre link : CVE-2013-5046

CVE.ORG link : CVE-2013-5046

JSON object : View

Products Affected

internet_explorer

CWE

CWE-20

Improper Input Validation

{"id": "CVE-2013-5046", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "[email protected]", "cvssData": {"version": "2.0", "baseScore": 6.2, "accessVector": "LOCAL", "vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "HIGH", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 1.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2013-12-11T00:55:03.867", "references": [{"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-097", "source": "[email protected]"}, {"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-097", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-20"}]}], "descriptions": [{"lang": "en", "value": "Microsoft Internet Explorer 7 through 11 allows local users to bypass the Protected Mode protection mechanism, and consequently gain privileges, by leveraging the ability to execute sandboxed code, aka \"Internet Explorer Elevation of Privilege Vulnerability.\""}, {"lang": "es", "value": "Microsoft Internet Explorer 7 hasta la versi\u00f3n 11 permite a usuarios locales evadir el mecanismo de protecci\u00f3n de modo protegido, y consecuentemente obtener privilegios, mediante el aprovechamiento de la capacidad de ejecutar c\u00f3digo en una sandbox, tambi\u00e9n conocido como \"Vulnerabilidad de elevaci\u00f3n de privilegios en Internet Explorer\"."}], "lastModified": "2025-04-11T00:51:21.963", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:microsoft:internet_explorer:7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1A33FA7F-BB2A-4C66-B608-72997A2BD1DB"}, {"criteria": "cpe:2.3:a:microsoft:internet_explorer:8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A52E757F-9B41-43B4-9D67-3FEDACA71283"}, {"criteria": "cpe:2.3:a:microsoft:internet_explorer:9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C043EDDD-41BF-4718-BDCF-158BBBDB6360"}, {"criteria": "cpe:2.3:a:microsoft:internet_explorer:10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D5808661-A082-4CBE-808C-B253972487B4"}, {"criteria": "cpe:2.3:a:microsoft:internet_explorer:11:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D7809F78-8D56-4925-A8F9-4119B973A667"}], "operator": "OR"}]}], "sourceIdentifier": "[email protected]"}