Immunity, Inc.
Name ms13_056
CVE CVE-2013-3174
Exploit Pack CANVAS
DescriptionMS13_056
NotesCVE Name: CVE-2013-3174
VENDOR: Microsoft
NOTES:
This exploit has been tested on:
- Windows XP SP 3 EN on IE 8 (no js_recon)
- Windows 7 PRO SP 1 EN x86-64 on IE 8 32bit (js_recon works)

No webpage open in the browser before running the exploit.

Make sure to enable on the clientd response settings:
- Respond directly with exploit

In case you're on WinXP make sure "Always Do Recon" is de-selected.

Repeatability: Single
References: http://technet.microsoft.com/en-us/security/bulletin/ms13-056
CVE Url: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-3174

Learn more about the CANVAS Exploit Pack here: CANVAS