Cyber Resilience

CVE-2013-1347

High · CISA KEV · Active Exploitation · EUVD Exploited · Public PoC

Published: 05 May 2013

Modified: 22 April 2026
KEV Added: 03 March 2022
Patch
CVSS Score v3.1: 8.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
EPSS Score: 0.8771 (99.5th percentile)
Risk Priority: 90 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2013-1347 is a high-severity Use After Free (CWE-416) vulnerability in Microsoft Windows Server 2008. Its CVSS base score is 8.8 (High).

Operationally, it ranks in the top 0.5% of CVEs by exploit likelihood, CISA has added it to the Known Exploited Vulnerabilities catalog, and a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 SI-16 (Memory Protection) and SI-2 (Flaw Remediation).

Deeper analysis

Microsoft Internet Explorer 8 contains a use-after-free vulnerability (CWE-416) that stems from improper handling of objects in memory. The flaw permits access to an object that was either not properly allocated or has already been deleted, which can corrupt memory and lead to arbitrary code execution. The issue affects only Internet Explorer 8 and carries a CVSS 3.1 score of 8.8 with network attack vector and required user interaction.

Remote attackers can exploit the weakness by serving specially crafted web content that triggers the memory corruption when the victim visits the page in Internet Explorer 8. Successful exploitation grants the attacker the ability to execute arbitrary code in the context of the current user. The vulnerability was exploited in the wild as early as May 2013.

Microsoft security advisory 2847140 and bulletin MS13-038, along with US-CERT alert TA13-134A, address the issue and direct administrators to apply the corresponding cumulative update for Internet Explorer 8. The same references note that the vulnerability was observed being used in targeted attacks at the time of disclosure.

EU & UK References

Vulnerability details

Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly allocated or (2) is deleted, as exploited in the wild in May 2013.

CWE(s)
KEV Date Added: 03 March 2022

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

microsoft internet explorer 8

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly requires timely application of the vendor patch (MS13-038) that eliminates the use-after-free flaw in IE 8.

prevent

Mandates memory-protection safeguards that block unauthorized code execution resulting from the use-after-free memory corruption.

prevent, detect

Requires malicious-code protection mechanisms that can block or detect web-delivered exploit content targeting the IE 8 vulnerability.

References