CVE-2013-4015

Published: Jul 26, 2013Modified: Apr 29, 2026

6.9

Vector

AV:L/AC:M/Au:N/C:C/I:C/A:C

Exploitability: 3.4 / Impact: 10.0

Source: NVD

Description

Microsoft Internet Explorer 6 through 10 allows local users to bypass the elevation policy check in the (1) Protected Mode or (2) Enhanced Protected Mode protection mechanism, and consequently gain privileges, by leveraging the ability to execute sandboxed code.

Affected (5)

Products: Microsoft: Internet Explorer

Microsoft

1 product

Internet Explorer

Configuration A

5 vulnerable

Vulnerable Software	Affected Versions
Microsoft Internet Explorer	Version 10
Microsoft Internet Explorer	Version 6
Microsoft Internet Explorer	Version 7
Microsoft Internet Explorer	Version 8
Microsoft Internet Explorer	Version 9

Related CWEs

CWE-264

References (4)

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-055

Source: psirt@us.ibm.com

https://exchange.xforce.ibmcloud.com/vulnerabilities/85762

Source: psirt@us.ibm.com

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-055

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/85762

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.