CVE-2013-3846

Microsoft Internet Explorer 9 and 10 - Use-After-Free via CSpliceTreeEngine::InsertSplice

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2013-3846.

AI-analyzed exploit summary This is a functional Metasploit exploit for CVE-2013-3846, targeting a use-after-free vulnerability in Microsoft Internet Explorer 8. It leverages a crafted HTML page to trigger memory corruption and achieve remote code execution via ROP chains tailored for Windows XP SP3 and Windows 7.

Description

Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted CSpliceTreeEngine::InsertSplice object in an HTML document, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3143 and CVE-2013-3161.

Exploits (1)

exploitdb WORKING POC
rubyremotewindows
https://www.exploit-db.com/exploits/28187

This is a functional Metasploit exploit for CVE-2013-3846, targeting a use-after-free vulnerability in Microsoft Internet Explorer 8. It leverages a crafted HTML page to trigger memory corruption and achieve remote code execution via ROP chains tailored for Windows XP SP3 and Windows 7.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Complex
Reliability
Reliable
Target: Microsoft Internet Explorer 8
No auth needed
Prerequisites: Victim must visit a malicious webpage using Internet Explorer 8
devstral-2 · analyzed Feb 19, 2026 Full analysis →

References (2)

Core 2
Core References
Third Party Advisory x_refsource_misc
http://www.zerodayinitiative.com/advisories/ZDI-13-231/

Scores

EPSS 0.6682
EPSS Percentile 98.6%

Details

CWE
CWE-399
Status published
Products (2)
microsoft/internet_explorer 9
microsoft/internet_explorer 10
Published Dec 29, 2013
Tracked Since Feb 18, 2026