Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to an object that (1) was not properly initialized or (2) is deleted, aka "Improper Ref Counting Use After Free Vulnerability."

Threat-Mapped Scoring

Score: 1.8

Priority: P4 - Informational (Low)

• S9 – Sabotage of System/App

EPSS

Score: 0.36178
Percentile: 0.96928

CVSS Scoring

Mapped CWE(s)

• CWE-416 : Use After Free

Affected Products

• cpe:2.3:a:microsoft:internet_explorer:9:*:*:*:*:*:*:*
• cpe:2.3:a:microsoft:internet_explorer:10:*:*:*:*:*:*:*

← Back to Home