| Name | ie_cardspaceclaimcollection |
| CVE | CVE-2013-3918 |
| Exploit Pack | CANVAS |
| Description | ie_cardspaceclaimcollection |
| Notes | CVE Name: CVE-2013-3918 VENDOR: Microsoft NOTES: - This exploits leaks a vtable pointer of a CTable object in order to bypass ASLR - We also leak the shellcode's address so there's no need for heap spraying This exploit has been tested on: - Windows 7 Professional (x86) on IE 9 mshtml.dll version 9.00.8112.16457. - Windows 7 Home Basic (x64) on IE 9 32 bits mshtml.dll version 9.00.8112.16421. - Windows 7 Ultimate (x86) on IE 8 mshtml.dll version 8.00.7600.16385. Repeatability: Single References: http://technet.microsoft.com/en-us/security/bulletin/ms13-090 CVE Url: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-3918 |
| Learn more about the CANVAS Exploit Pack here: CANVAS |