VYPR
Unrated severityNVD Advisory· Published Dec 29, 2013· Updated Jun 16, 2026

CVE-2013-3846

CVE-2013-3846

Description

Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted CSpliceTreeEngine::InsertSplice object in an HTML document, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3143 and CVE-2013-3161.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3
  • cpe:2.3:a:microsoft:internet_explorer:10:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:microsoft:internet_explorer:10:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:9:*:*:*:*:*:*:*
    • (no CPE)range: 9 and 10

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.