Weekly Vulnerabilities Reports > October 7 to 13, 2013
Overview
2 new vulnerabilities reported during this period, including 0 critical vulnerabilities and 1 high severity vulnerabilities. This weekly summary report vulnerabilities in 2 products from 1 vendors including and Microsoft. Vulnerabilities are notably categorized as and "Use After Free".
- 1 reported vulnerabilities are remotely exploitables.
- 2 reported vulnerabilities are exploitable by an anonymous user.
- Microsoft has the most reported vulnerabilities, with 2 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
0 Critical Vulnerabilities
| DATE | CVE | VENDOR | VULNERABILITY | CVSS |
|---|
1 High Vulnerabilities
| DATE | CVE | VENDOR | VULNERABILITY | CVSS |
|---|---|---|---|---|
| 2013-10-09 | CVE-2013-3897 | Microsoft | Use After Free vulnerability in Microsoft Internet Explorer Use-after-free vulnerability in the CDisplayPointer class in mshtml.dll in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted JavaScript code that uses the onpropertychange event handler, as exploited in the wild in September and October 2013, aka "Internet Explorer Memory Corruption Vulnerability." | 8.8 |
1 Medium Vulnerabilities
| DATE | CVE | VENDOR | VULNERABILITY | CVSS |
|---|---|---|---|---|
| 2013-10-09 | CVE-2013-3896 | Microsoft | Unspecified vulnerability in Microsoft Silverlight Microsoft Silverlight 5 before 5.1.20913.0 does not properly validate pointers during access to Silverlight elements, which allows remote attackers to obtain sensitive information via a crafted Silverlight application, aka "Silverlight Vulnerability." | 5.5 |
0 Low Vulnerabilities
| DATE | CVE | VENDOR | VULNERABILITY | CVSS |
|---|