Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-1765

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2014-1765
Last Modified 17 Jul 2014 01:05:12
Published 27 Apr 2014 06:55:03
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2014-1765

Summary

Multiple use-after-free vulnerabilities in Microsoft Internet Explorer 6 through 11 allow remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by Sebastian Apelt and Andreas Schmidt during a Pwn2Own competition at CanSecWest 2014.

Vulnerable Systems

Application

  • Microsoft Internet Explorer 11


References

MISC - http://www.pwn2own.com/2014/03/pwn2own-results-thursday-day-two/

MISC - http://twitter.com/thezdi/statuses/444216845734666240

SECTRACK - 1030532

MS - MS14-037

SECUNIA - 59775

Related Patches

MS14-037 Cumulative Security Update for Internet Explorer 8 for WEPOS and POSReady 2009 (KB2962872)

MS14-037 Cumulative Security Update for Internet Explorer 7 for WEPOS and POSReady 2009 (KB2962872)


Last Updated: 27 May 2016 11:05:48