Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-8967

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2014-8967
Last Modified 18 Feb 2015 10:00:09
Published 15 Dec 2014 01:59:19
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2014-8967

Summary

Use-after-free vulnerability in Microsoft Internet Explorer allows remote attackers to execute arbitrary code via a crafted HTML document in conjunction with a Cascading Style Sheets (CSS) token sequence specifying the run-in value for the display property, leading to improper CElement reference counting.

Vulnerable Systems

Application

  • Microsoft Internet Explorer -


References

MISC - http://zerodayinitiative.com/advisories/ZDI-14-403/

BID - 71483

Related Patches

MS15-009 Cumulative Security Update for Internet Explorer 8 for Windows Server 2008 (KB3021952)

MS15-009 Cumulative Security Update for Internet Explorer 7 for Windows Server 2008 (KB3021952)

MS15-009 Cumulative Security Update for Internet Explorer 6 for Windows Server 2003 (KB3021952)

MS15-009 Cumulative Security Update for Internet Explorer 7 for Windows Server 2003 (KB3021952)

MS15-009 Cumulative Security Update for Internet Explorer 8 for Windows Server 2003 (KB3021952)

MS15-009 Cumulative Security Update for Internet Explorer 9 for Windows Server 2008 (KB3021952)

MS15-009 Security Update for Internet Explorer 9 for Windows Server 2008 (KB3034196)

MS15-009 Cumulative Security Update for Internet Explorer 9 for Windows Vista (KB3021952)

MS15-009 Security Update for Internet Explorer 9 for Windows Vista (KB3034196)

MS15-009 Cumulative Security Update for Internet Explorer 7 for Windows Vista (KB3021952)

MS15-009 Cumulative Security Update for Internet Explorer 8 for Windows Vista (KB3021952)

MS15-009 Cumulative Security Update for Internet Explorer 9 for Windows Vista x64 (KB3021952)

MS15-009 Cumulative Security Update for Internet Explorer 8 for Windows Vista x64 (KB3021952)

MS15-009 Cumulative Security Update for Internet Explorer 7 for Windows Vista x64 (KB3021952)

MS15-009 Security Update for Internet Explorer 9 for Windows Vista x64 (KB3034196)

MS15-009 Cumulative Security Update for Internet Explorer 8 for Windows Server 2008 x64 (KB3021952)

MS15-009 Security Update for Internet Explorer 9 for Windows Server 2008 x64 (KB3034196)

MS15-009 Cumulative Security Update for Internet Explorer 9 for Windows Server 2008 x64 (KB3021952)

MS15-009 Cumulative Security Update for Internet Explorer 7 for Windows Server 2008 x64 (KB3021952)

MS15-009 Cumulative Security Update for Internet Explorer 6 for Windows Server 2003 x64 (KB3021952)

MS15-009 Cumulative Security Update for Internet Explorer 8 for Windows Server 2003 x64 (KB3021952)

MS15-009 Cumulative Security Update for Internet Explorer 7 for Windows Server 2003 x64 (KB3021952)

MS15-009 Cumulative Security Update for Internet Explorer 6 for WEPOS and POSReady 2009 (KB3021952)

MS15-009 Cumulative Security Update for Internet Explorer 7 for WEPOS and POSReady 2009 (KB3021952)

MS15-009 Cumulative Security Update for Internet Explorer 8 for WEPOS and POSReady 2009 (KB3021952)


Last Updated: 27 May 2016 11:07:16