Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-4123

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2014-4123
Last Modified 31 Oct 2014 03:27:38
Published 15 Oct 2014 06:55:08
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2014-4123

Summary

Microsoft Internet Explorer 7 through 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability," as exploited in the wild in October 2014, a different vulnerability than CVE-2014-4124.

Vulnerable Systems

Application

  • Microsoft Internet Explorer 10

  • Microsoft Internet Explorer 11

  • Microsoft Internet Explorer 7

  • Microsoft Internet Explorer 7.0.5730

  • Microsoft Internet Explorer 8

  • Microsoft Internet Explorer 9


References

MS - MS14-056

CONFIRM - http://blogs.technet.com/b/srd/archive/2014/10/14/accessing-risk-for-the-october-2014-security-updates.aspx

SECTRACK - 1031018

BID - 70326

SECUNIA - 60968

Related Patches

MS14-056 Cumulative Security Update for Internet Explorer 8 for Windows Server 2008 (KB2987107)

MS14-056 Cumulative Security Update for Internet Explorer 7 for Windows Server 2008 (KB2987107)

MS14-056 Cumulative Security Update for Internet Explorer 9 for Windows Server 2008 (KB2987107)

MS14-056 Cumulative Security Update for Internet Explorer 7 for Windows Server 2003 (KB2987107)

MS14-056 Cumulative Security Update for Internet Explorer 6 for Windows Server 2003 (KB2987107)

MS14-056 Cumulative Security Update for Internet Explorer 8 for Windows Server 2003 (KB2987107)

MS14-056 Cumulative Security Update for Internet Explorer 7 for Windows Vista (KB2987107)

MS14-056 Cumulative Security Update for Internet Explorer 8 for Windows Vista (KB2987107)

MS14-056 Cumulative Security Update for Internet Explorer 9 for Windows Vista (KB2987107)

MS14-056 Cumulative Security Update for Internet Explorer 7 for Windows Server 2003 x64 (KB2987107)

MS14-056 Cumulative Security Update for Internet Explorer 6 for Windows Server 2003 x64 (KB2987107)

MS14-056 Cumulative Security Update for Internet Explorer 8 for Windows Server 2003 x64 (KB2987107)

MS14-056 Cumulative Security Update for Internet Explorer 9 for Windows Vista x64 (KB2987107)

MS14-056 Cumulative Security Update for Internet Explorer 8 for Windows Vista x64 (KB2987107)

MS14-056 Cumulative Security Update for Internet Explorer 7 for Windows Vista x64 (KB2987107)

MS14-056 Cumulative Security Update for Internet Explorer 8 for Windows Server 2008 x64 (KB2987107)

MS14-056 Cumulative Security Update for Internet Explorer 9 for Windows Server 2008 x64 (KB2987107)

MS14-056 Cumulative Security Update for Internet Explorer 7 for Windows Server 2008 x64 (KB2987107)

MS14-056 Cumulative Security Update for Internet Explorer 7 for WEPOS and POSReady 2009 (KB2987107)

MS14-056 Cumulative Security Update for Internet Explorer 6 for WEPOS and POSReady 2009 (KB2987107)

MS14-056 Cumulative Security Update for Internet Explorer 8 for WEPOS and POSReady 2009 (KB2987107)


Last Updated: 27 May 2016 11:06:52