Thursday, January 27, 2022

CVE-2013-0027 Discovered affects Internet Explorer 6 to 10

The latest exploit, CVE-2013-0027 affected almost all versions of Microsoft Internet Explorer and affected all windows operating systems including the major server editions too. Thirteen private vulnerabilities were recently patched in a security bulletin by Microsoft.

The exposure, now branded as critical for Internet Explorer 6, 7, 8, 9 and 10, admitted remote code execution if a user attempted to visit a specially crafted web page using those versions of IE.

The vulnarbility allowed an attacker to gain the same user privileged as the current users, which is triggered by an improper memory operation executed by IE when addressing the crafted HTML content.

The exploit for MS13-009 Microsoft Internet Explorer SLayoutRun Use-After-Free vulnerability has been released by Metasploit and is available on ExploitDb as well. Here is the code for this exploit:

About FastFlux

Owner of ZeroSecurity, interested in programming, malware analysis and penetration testing. If you would like to write for the ZeroSecurity team, please use the contact form above.

Check Also

Amazon hacked – hacker leaks 80,000 login credentials

A hacker going by the name 0x2Taylor has said to have breached the servers of …