Windows IE Use-After-Free Vulnerability MS13-047 (June 21, 2013)

Internet Explorer is a series of graphical web browsers developed by Microsoft and included as part of the Microsoft Windows line of operating systems. It is one of the most widely used web browsers. It is capable of rendering static and dynamic web content and of performing other web-browsing tasks such as displaying HTML pages, downloading files, parsing various image formats, running different types of multimedia content, and opening files in various formats using various plugins.

The Document Object Model (DOM) is a cross-platform and language-independent convention for representing and interacting with objects in HTML, XHTML and XML documents. Objects in the DOM tree may be addressed and manipulated by using methods on the objects. The public interface of a DOM is specified in its application programming interface (API). Internet Explorer has supported the DOM structure since version 6. In the DOM, all HTML tags and their attributes are stored in a tree-like structure as nodes, along with the text and other literal data that form the leaves of this tree. IE supports dynamic manipulation of the DOM through client-side scripting.

A use-after-free vulnerability exists in Microsoft Internet Explorer in the way IE handles one of the DOM objects. The vulnerability, present in Microsoft Internet Explorer 6 through 10, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site. Any successfully injected code will be executed in the context of the currently logged-on user.

The Dell SonicWALL threat team has researched this vulnerability and released the following IPS signature:

  • 9954 Windows IE Use-After-Free Vulnerability (MS13-047) 15

This vulnerability is referred to by CVE as CVE-2013-3121.
