BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to the Zeroday Tracker: Your Vulnerability Watchlist

Get critical updates on the latest zeroday threats, including impact, mitigation and protection information - only from BeyondTrust.

Internet Explorer 9 Memory Disclosure

Disclosed March 20, 2013    Fully Patched

Vulnerability Description:

Internet Explorer 9 contains a memory disclosure vulnerability that may aid attackers in bypassing ASLR exploit mitigations. The memory disclosure is caused by a function improperly storing a return address in the stack.

Vendors:

Microsoft

Vulnerable Software/Devices:

Internet Explorer 9

Vulnerability Severity:

Medium

Exploit Availability:

N/A

BeyondTrust Prevention and Detection:

BeyondTrust's Retina® Network Security Scanner scans devices to detect for this vulnerability.

  • 18563 – Microsoft Internet Explorer 9 Memory Disclosure (Zero-Day)

Mitigation:

Internet Explorer 10 is not affected by this issue. Users of Internet Explorer 9 can upgrade to Internet Explorer 10.

Links:

CVE(s):

None

Leave a Reply