Latest YouTube Video

Friday, November 25, 2016

[FD] CVE-2013-3120 MSIE 10 MSHTML CEditAdorner::Detach use-after-free details

Throughout November, I plan to release details on vulnerabilities I found in web-browsers which I've not released before. This is the nineteenth entry in that series. Unfortunately I won't be able to publish everything within one month at the current rate, so I may continue to publish these through December and January. The below information is available in more detail on my blog at http://ift.tt/2fYVIIU. There you can find a repro that triggered this issue in addition to the information below. Today's release is a bit skimpy as it was found over 3 years ago, back when I did not have the tool-set to analyze issues that I have today. Follow me on http://twitter.com/berendjanwever for daily browser bugs. MSIE 10 MSHTML CEditAdorner::Detach use-after-free ================================================== (MS13-047, CVE-2013-3120) Synopsis

Source: Gmail -> IFTTT-> Blogger

No comments: