CVE-2013-5045

{"id": "CVE-2013-5045", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.2, "accessVector": "LOCAL", "vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "HIGH", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 1.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2013-12-11T00:55:03.833", "references": [{"url": "http://packetstormsecurity.com/files/127245/MS13-097-Registry-Symlink-IE-Sandbox-Escape.html", "tags": ["Exploit", "VDB Entry"], "source": "secure@microsoft.com"}, {"url": "http://www.exploit-db.com/exploits/33893", "source": "secure@microsoft.com"}, {"url": "http://www.osvdb.org/100757", "source": "secure@microsoft.com"}, {"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-097", "source": "secure@microsoft.com"}, {"url": "http://packetstormsecurity.com/files/127245/MS13-097-Registry-Symlink-IE-Sandbox-Escape.html", "tags": ["Exploit", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.exploit-db.com/exploits/33893", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.osvdb.org/100757", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-097", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-20"}]}], "descriptions": [{"lang": "en", "value": "Microsoft Internet Explorer 10 and 11 allows local users to bypass the Protected Mode protection mechanism, and consequently gain privileges, by leveraging the ability to execute sandboxed code, aka \"Internet Explorer Elevation of Privilege Vulnerability.\""}, {"lang": "es", "value": "Microsoft Internet Explorer 10 y 11 permite a usuarios locales evadir el mecanismo de modo protegido, y consecuentemente obtener privilegios mediante el aprovechamiento de la capacidad de ejecutar c\u00f3digo en una sandbox, tambi\u00e9n conocido como \"Vulnerabilidad de elevaci\u00f3n de privilegios en Internet Explorer\"."}], "lastModified": "2025-04-11T00:51:21.963", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:microsoft:internet_explorer:10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D5808661-A082-4CBE-808C-B253972487B4"}, {"criteria": "cpe:2.3:a:microsoft:internet_explorer:11:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "15BAAA8C-7AF1-46CE-9FFB-3A498508A1BF"}], "operator": "OR"}]}], "sourceIdentifier": "secure@microsoft.com"}