CVE-2013-1347
Published: 05 May 2013
Summary
CVE-2013-1347 is a high-severity Use After Free (CWE-416) vulnerability in Microsoft Windows Server 2008. Its CVSS base score is 8.8 (High).
Operationally, it ranks in the top 0.5% of CVEs by exploit likelihood; CISA has added it to the Known Exploited Vulnerabilities catalog; and a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 SI-16 (Memory Protection) and SI-2 (Flaw Remediation).
Deeper analysis
Microsoft Internet Explorer 8 contains a use-after-free vulnerability (CWE-416) that stems from improper handling of objects in memory. The flaw permits access to an object that was either not properly allocated or has already been deleted, which can corrupt memory and lead to arbitrary code execution. The issue affects only Internet Explorer 8 and carries a CVSS 3.1 score of 8.8, with a network attack vector and required user interaction.
Remote attackers can exploit the weakness by serving specially crafted web content that triggers the memory corruption when the victim visits the page in Internet Explorer 8. Successful exploitation grants the attacker the ability to execute arbitrary code in the context of the current user. The vulnerability was exploited in the wild as early as May 2013.
Microsoft security advisory 2847140 and bulletin MS13-038, along with US-CERT alert TA13-134A, address the issue and direct administrators to apply the corresponding cumulative update for Internet Explorer 8. The same references note that the vulnerability was observed being used in targeted attacks at the time of disclosure.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2013-1387
Vulnerability details
Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly allocated or (2) is deleted, as exploited in the wild in May 2013.
- CWE(s): CWE-416 (Use After Free)
- KEV Date Added: 03 March 2022
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls (NIST 800-53 r5)
- SI-2 (Flaw Remediation): directly requires timely application of the vendor patch (MS13-038) that eliminates the use-after-free flaw in IE 8.
- SI-16 (Memory Protection): mandates memory-protection safeguards that block unauthorized code execution resulting from the use-after-free memory corruption.
- Malicious-code protection: requires mechanisms that can block or detect web-delivered exploit content targeting the IE 8 vulnerability.