VYPR
High severity8.8CISA KEVNVD Advisory· Published Oct 9, 2013· Updated Jun 16, 2026

CVE-2013-3897

CVE-2013-3897

Description

Use-after-free vulnerability in the CDisplayPointer class in mshtml.dll in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted JavaScript code that uses the onpropertychange event handler, as exploited in the wild in September and October 2013, aka "Internet Explorer Memory Corruption Vulnerability."

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

7
  • cpe:2.3:a:microsoft:internet_explorer:10:*:*:*:*:*:*:*+ 6 more
    • cpe:2.3:a:microsoft:internet_explorer:10:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:11:-:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:6:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:7:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:8:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:9:*:*:*:*:*:*:*
    • (no CPE)range: 6-11

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.