# CVE-2013-3893 Microsoft Internet Explorer 8 – ‘SetMouseCapture ‘ Use After Free
==EXP==
# Exploit Title: Microsoft Internet Explorer 8 - 'SetMouseCapture ' Use After Free
# Date: 15/05/2021
# CVE : CVE-2013-3893
# PoC: https://github.com/travelworld/cve_2013_3893_trigger.html/blob/gh-pages/params.json
# Exploit Author: SlidingWindow
# Vendor Advisory: https://docs.microsoft.com/en-us/security-updates/SecurityAdvisories/2013/2887505?redirectedfrom=MSDN
# Tested on: Microsoft Internet Explorer 8 (version: 8.0.7601.17514) on Windows 7 SP1 (Version 6.1 Build 7601 SP1)
# Bypasses: DEP, ASLR using MSVCR71.DLL
# Thanks to @corelanc0d3r for awesome Heap Exploitation Training and @offsectraining for OSCP training