Unrated severityNVD Advisory· Published Dec 29, 2013· Updated Jun 16, 2026
CVE-2013-3846
CVE-2013-3846
Description
Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted CSpliceTreeEngine::InsertSplice object in an HTML document, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3143 and CVE-2013-3161.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3cpe:2.3:a:microsoft:internet_explorer:10:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:microsoft:internet_explorer:10:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:internet_explorer:9:*:*:*:*:*:*:*
- (no CPE)range: 9 and 10
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.