Strike ID:
E13-aqm01
CVSS:
9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)
False Positive:
t
Variants:
4
Year:
2013

Description

This strike exploits a integer vulnerability inside Microsoft Internet Explorer. The length field of a dashstyle array is not validated properly, and when this property is passed a negative value an attacker modify data inside the array.

CVE

References

MSB

BID

ExploitDB

Secunia

Security Tracker

Metasploit

ZDI

Google

OSVDB

{91197}