Published: 11/12/2013 Updated: 12/10/2018

CVSS v2 Base Score: 6.2 | Impact Score: 10 | Exploitability Score: 1.9

VMScore: 625

Vector: AV:L/AC:H/Au:N/C:C/I:C/A:C

Microsoft Internet Explorer 10 and 11 allows local users to bypass the Protected Mode protection mechanism, and consequently gain privileges, by leveraging the ability to execute sandboxed code, aka "Internet Explorer Elevation of Privilege Vulnerability."

Vulnerable Product	Search on Vulmon	Subscribe to Product
microsoft internet explorer 11
microsoft internet explorer 10

## # This module requires Metasploit: http//metasploitcom/download # Current source: githubcom/rapid7/metasploit-framework ## require 'msf/core' require 'rex' require 'msf/core/exploit/exe' require 'msf/core/exploit/powershell' class Metasploit3 < Msf::Exploit::Local Rank = GreatRanking include Msf::Exploit::Powershell include ...

This Metasploit module exploits a vulnerability in Internet Explorer Sandbox which allows to escape the Enhanced Protected Mode and execute code with Medium Integrity The vulnerability exists in the IESetProtectedModeRegKeyOnly function from the ieframedll component, which can be abused to force medium integrity IE to user influenced keys By usi ...

CWE-20 http://packetstormsecurity.com/files/127245/MS13-097-Registry-Symlink-IE-Sandbox-Escape.html http://www.osvdb.org/100757 http://www.exploit-db.com/exploits/33893 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-097 https://nvd.nist.gov https://www.exploit-db.com/exploits/33893/

CVE-2013-5045

Vulnerability Summary

Vulnerability Trend

Exploits

References

Vulmon Search

About

Products

Connect