CVE-2013-5045
43Vexday Risk Score
Patch soon. It has a working public exploit.
ssvc Attendepss 17%
from disclosure to weapon198 days
Published on NVDDec 11
1st PoC+198d
metasploitDec 10
exploitation probability
17%top 3% of all CVEs
observed exploitation
nono source reports it
3 public exploit(s)
Microsoft Internet Explorer 10 and 11 allows local users to bypass the Protected Mode protection mechanism, and consequently gain privileges, by leveraging the ability to execute sandboxed code, aka "Internet Explorer Elevation of Privilege Vulnerability."
Affected products
n/a · n/apublic PoCs found — 3
cve_referencepacketstormsecurity.com/files/127245/MS13-097-Registry-Symlink-IE-Sandbox-Escape.htmlunverifiedcve_referencewww.exploit-db.com/exploits/33893unverifiedexploitdbwww.exploit-db.com/exploits/33893unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.