CVE-2014-1776 in Internet Explorerinformation

Résumé (Anglaise)

Use-after-free vulnerability in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors related to the CMarkup::IsConnectedToPrimaryMarkup function, as exploited in the wild in April 2014. NOTE: this issue originally emphasized VGX.DLL, but Microsoft clarified that "VGX.DLL does not contain the vulnerable code leveraged in this exploit. Disabling VGX.DLL is an exploit-specific workaround that provides an immediate, effective workaround to help block known attacks."

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Réserver

29/01/2014

Divulgation

27/04/2014

Statut

Confirmé

Entrées

VulDB provides additional information and datapoints for this CVE:

IDVulnérabilitéCWEExpConCVE
13076Microsoft Internet Explorer SWF IsConnectedToPrimaryMarkup élévation de privilèges94AttaquéCorrectif officielCVE-2014-1776

Description

CPE

CWE

CVSS

Exploits

Histoire

Diff

Relier

Renseignements sur les menaces

API JSON

API XML

API CSV

Sources

PrécédentAperçuSuivant

Want to know what is going to be exploited?

We predict KEV entries!