Executive Summary

Summary
Title Cumulative Security Update for Internet Explorer (2909921)
Informations
Name MS14-010 First vendor Publication 2014-02-11
Vendor Microsoft Last vendor Modification 2014-02-11
Severity (Vendor) Critical Revision 1.0

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Cvss Base Score 9.3 Attack Range Network
Cvss Impact Score 10 Attack Complexity Medium
Cvss Expoit Score 8.6 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Revision Note: V1.0 (February 11, 2014): Bulletin published.

Summary: This security update resolves one publicly disclosed vulnerability and twenty-three privately reported vulnerabilities in Internet Explorer. The most severe vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited the most severe of these vulnerabilities could gain the same user rights as the current user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Original Source

Url : http://technet.microsoft.com/en-us/security/bulletin/ms14-010

CWE : Common Weakness Enumeration

% Id Name
92 % CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
4 % CWE-264 Permissions, Privileges, and Access Controls
4 % CWE-200 Information Exposure

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:21717
 
Oval ID: oval:org.mitre.oval:def:21717
Title: Memory corruption vulnerability in Microsoft Internet Explorer (CVE-2014-0290) - MS14-010
Description: Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0267 and CVE-2014-0289.
Family: windows Class: vulnerability
Reference(s): CVE-2014-0290
 Version: 5
Platform(s): Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012 R2
Microsoft Windows 8.1
Microsoft Windows 7
 Product(s): Microsoft Internet Explorer 11
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21831
 
Oval ID: oval:org.mitre.oval:def:21831
Title: Memory corruption vulnerability in Microsoft Internet Explorer (CVE-2014-0275) - MS14-010
Description: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0285 and CVE-2014-0286.
Family: windows Class: vulnerability
Reference(s): CVE-2014-0275
 Version: 5
Platform(s): Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows 8.1
 Product(s): Microsoft Internet Explorer 6
Microsoft Internet Explorer 7
Microsoft Internet Explorer 8
Microsoft Internet Explorer 9
Microsoft Internet Explorer 10
Microsoft Internet Explorer 11
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21998
 
Oval ID: oval:org.mitre.oval:def:21998
Title: Memory corruption vulnerability in Microsoft Internet Explorer (CVE-2014-0272) - MS14-010
Description: Microsoft Internet Explorer 8 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2014-0272
 Version: 5
Platform(s): Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows 7
Microsoft Windows 8
 Product(s): Microsoft Internet Explorer 8
Microsoft Internet Explorer 9
Microsoft Internet Explorer 10
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22000
 
Oval ID: oval:org.mitre.oval:def:22000
Title: Memory corruption vulnerability in Microsoft Internet Explorer (CVE-2014-0280) - MS14-010
Description: Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2014-0280
 Version: 5
Platform(s): Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows 7
 Product(s): Microsoft Internet Explorer 6
Microsoft Internet Explorer 7
Microsoft Internet Explorer 8
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22065
 
Oval ID: oval:org.mitre.oval:def:22065
Title: VBScript Memory Corruption Vulnerability (CVE-2014-0271) - MS14-010, MS14-011
Description: The VBScript engine in Microsoft Internet Explorer 6 through 11, and VBScript 5.6 through 5.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "VBScript Memory Corruption Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2014-0271
 Version: 10
Platform(s): Microsoft Windows 8
Microsoft Windows 8.1
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows XP
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
 Product(s): VBScript 5.6
VBScript 5.7
VBScript 5.8
Microsoft Internet Explorer 6
Microsoft Internet Explorer 7
Microsoft Internet Explorer 8
Microsoft Internet Explorer 9
Microsoft Internet Explorer 10
Microsoft Internet Explorer 11
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22221
 
Oval ID: oval:org.mitre.oval:def:22221
Title: Memory corruption vulnerability in Microsoft Internet Explorer (CVE-2014-0277) - MS14-010
Description: Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0278 and CVE-2014-0279.
Family: windows Class: vulnerability
Reference(s): CVE-2014-0277
 Version: 5
Platform(s): Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows 7
 Product(s): Microsoft Internet Explorer 8
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22230
 
Oval ID: oval:org.mitre.oval:def:22230
Title: Memory corruption vulnerability in Microsoft Internet Explorer (CVE-2014-0279) - MS14-010
Description: Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0277 and CVE-2014-0278.
Family: windows Class: vulnerability
Reference(s): CVE-2014-0279
 Version: 5
Platform(s): Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows 7
 Product(s): Microsoft Internet Explorer 8
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22314
 
Oval ID: oval:org.mitre.oval:def:22314
Title: Internet Explorer Cross-domain Information Disclosure Vulnerability - CVE-2014-0293 - MS14-010
Description: Microsoft Internet Explorer 9 through 11 allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site, aka "Internet Explorer Cross-domain Information Disclosure Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2014-0293
 Version: 5
Platform(s): Microsoft Windows Vista
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows 8.1
 Product(s): Microsoft Internet Explorer 9
Microsoft Internet Explorer 10
Microsoft Internet Explorer 11
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22335
 
Oval ID: oval:org.mitre.oval:def:22335
Title: Memory corruption vulnerability in Microsoft Internet Explorer (CVE-2014-0270) - MS14-010
Description: Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0273, CVE-2014-0274, and CVE-2014-0288.
Family: windows Class: vulnerability
Reference(s): CVE-2014-0270
 Version: 5
Platform(s): Microsoft Windows Vista
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows 8.1
 Product(s): Microsoft Internet Explorer 9
Microsoft Internet Explorer 10
Microsoft Internet Explorer 11
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22338
 
Oval ID: oval:org.mitre.oval:def:22338
Title: Memory corruption vulnerability in Microsoft Internet Explorer (CVE-2014-0274) - MS14-010
Description: Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0270, CVE-2014-0273, and CVE-2014-0288.
Family: windows Class: vulnerability
Reference(s): CVE-2014-0274
 Version: 5
Platform(s): Microsoft Windows Vista
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows 8.1
 Product(s): Microsoft Internet Explorer 9
Microsoft Internet Explorer 10
Microsoft Internet Explorer 11
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22365
 
Oval ID: oval:org.mitre.oval:def:22365
Title: Memory corruption vulnerability in Microsoft Internet Explorer (CVE-2014-0276) - MS14-010
Description: Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2014-0276
 Version: 5
Platform(s): Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows 7
 Product(s): Microsoft Internet Explorer 8
Microsoft Internet Explorer 9
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22381
 
Oval ID: oval:org.mitre.oval:def:22381
Title: Memory corruption vulnerability in Microsoft Internet Explorer (CVE-2014-0269) - MS14-010
Description: Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2014-0269
 Version: 5
Platform(s): Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows 8.1
 Product(s): Microsoft Internet Explorer 6
Microsoft Internet Explorer 7
Microsoft Internet Explorer 8
Microsoft Internet Explorer 9
Microsoft Internet Explorer 10
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22385
 
Oval ID: oval:org.mitre.oval:def:22385
Title: Memory corruption vulnerability in Microsoft Internet Explorer (CVE-2014-0273) - MS14-010
Description: Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0270, CVE-2014-0274, and CVE-2014-0288.
Family: windows Class: vulnerability
Reference(s): CVE-2014-0273
 Version: 5
Platform(s): Microsoft Windows Vista
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows 8.1
 Product(s): Microsoft Internet Explorer 9
Microsoft Internet Explorer 10
Microsoft Internet Explorer 11
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22398
 
Oval ID: oval:org.mitre.oval:def:22398
Title: Memory corruption vulnerability in Microsoft Internet Explorer (CVE-2014-0283) - MS14-010
Description: Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2014-0283
 Version: 5
Platform(s): Microsoft Windows Vista
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows 7
 Product(s): Microsoft Internet Explorer 9
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22413
 
Oval ID: oval:org.mitre.oval:def:22413
Title: Memory corruption vulnerability in Microsoft Internet Explorer (CVE-2014-0289) - MS14-010
Description: Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0267 and CVE-2014-0290.
Family: windows Class: vulnerability
Reference(s): CVE-2014-0289
 Version: 5
Platform(s): Microsoft Windows Server 2008 R2
Microsoft Windows 7
Microsoft Windows 8.1
 Product(s): Microsoft Internet Explorer 11
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22443
 
Oval ID: oval:org.mitre.oval:def:22443
Title: Memory corruption vulnerability in Microsoft Internet Explorer (CVE-2014-0281) - MS14-010
Description: Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0287.
Family: windows Class: vulnerability
Reference(s): CVE-2014-0281
 Version: 5
Platform(s): Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows 8.1
 Product(s): Microsoft Internet Explorer 8
Microsoft Internet Explorer 9
Microsoft Internet Explorer 10
Microsoft Internet Explorer 11
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22464
 
Oval ID: oval:org.mitre.oval:def:22464
Title: Memory corruption vulnerability in Microsoft Internet Explorer (CVE-2014-0287) - MS14-010
Description: Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0281.
Family: windows Class: vulnerability
Reference(s): CVE-2014-0287
 Version: 5
Platform(s): Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows 8.1
 Product(s): Microsoft Internet Explorer 8
Microsoft Internet Explorer 9
Microsoft Internet Explorer 10
Microsoft Internet Explorer 11
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22465
 
Oval ID: oval:org.mitre.oval:def:22465
Title: Internet Explorer Elevation of Privilege Vulnerability (CVE-2014-0268) - MS14-010
Description: Microsoft Internet Explorer 8 through 11 does not properly restrict file installation and registry-key creation, which allows remote attackers to bypass the Mandatory Integrity Control protection mechanism via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2014-0268
 Version: 5
Platform(s): Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows 8.1
 Product(s): Microsoft Internet Explorer 8
Microsoft Internet Explorer 9
Microsoft Internet Explorer 10
Microsoft Internet Explorer 11
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22481
 
Oval ID: oval:org.mitre.oval:def:22481
Title: Memory corruption vulnerability in Microsoft Internet Explorer (CVE-2014-0288) - MS14-010
Description: Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0270, CVE-2014-0273, and CVE-2014-0274.
Family: windows Class: vulnerability
Reference(s): CVE-2014-0288
 Version: 5
Platform(s): Microsoft Windows Vista
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows 8.1
 Product(s): Microsoft Internet Explorer 9
Microsoft Internet Explorer 10
Microsoft Internet Explorer 11
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22509
 
Oval ID: oval:org.mitre.oval:def:22509
Title: Memory corruption vulnerability in Microsoft Internet Explorer (CVE-2014-0284) - MS14-010
Description: Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2014-0284
 Version: 5
Platform(s): Microsoft Windows Vista
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows 7
Microsoft Windows 8
 Product(s): Microsoft Internet Explorer 9
Microsoft Internet Explorer 10
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22510
 
Oval ID: oval:org.mitre.oval:def:22510
Title: Memory corruption vulnerability in Microsoft Internet Explorer (CVE-2014-0286) - MS14-010
Description: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0275 and CVE-2014-0285.
Family: windows Class: vulnerability
Reference(s): CVE-2014-0286
 Version: 5
Platform(s): Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows 8.1
 Product(s): Microsoft Internet Explorer 6
Microsoft Internet Explorer 7
Microsoft Internet Explorer 8
Microsoft Internet Explorer 9
Microsoft Internet Explorer 10
Microsoft Internet Explorer 11
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22516
 
Oval ID: oval:org.mitre.oval:def:22516
Title: Memory corruption vulnerability in Microsoft Internet Explorer (CVE-2014-0278) - MS14-010
Description: Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0277 and CVE-2014-0279.
Family: windows Class: vulnerability
Reference(s): CVE-2014-0278
 Version: 5
Platform(s): Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows 7
 Product(s): Microsoft Internet Explorer 8
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22546
 
Oval ID: oval:org.mitre.oval:def:22546
Title: Memory corruption vulnerability in Microsoft Internet Explorer (CVE-2014-0267) - MS14-010
Description: Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0289 and CVE-2014-0290.
Family: windows Class: vulnerability
Reference(s): CVE-2014-0267
 Version: 5
Platform(s): Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012 R2
Microsoft Windows 8.1
Microsoft Windows 7
 Product(s): Microsoft Internet Explorer 11
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22559
 
Oval ID: oval:org.mitre.oval:def:22559
Title: Memory corruption vulnerability in Microsoft Internet Explorer (CVE-2014-0285) - MS14-010
Description: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0275 and CVE-2014-0286.
Family: windows Class: vulnerability
Reference(s): CVE-2014-0285
 Version: 5
Platform(s): Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows 8.1
 Product(s): Microsoft Internet Explorer 6
Microsoft Internet Explorer 7
Microsoft Internet Explorer 8
Microsoft Internet Explorer 9
Microsoft Internet Explorer 10
Microsoft Internet Explorer 11
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 6
Application 3

Information Assurance Vulnerability Management (IAVM)

Date Description
2014-02-13 IAVM : 2014-A-0025 - Microsoft VBScript Remote Code Execution Vulnerability
Severity : Category II - VMSKEY : V0044034
2014-02-13 IAVM : 2014-A-0023 - Cumulative Security Update for Microsoft Internet Explorer
Severity : Category I - VMSKEY : V0044038

Snort® IPS/IDS

Date Description
2017-08-15 Microsoft Internet Explorer type confusion attempt
RuleID : 43580 - Revision : 3 - Type : BROWSER-IE
2017-08-15 Microsoft Internet Explorer type confusion attempt
RuleID : 43579 - Revision : 3 - Type : BROWSER-IE
2015-08-14 Microsoft Internet Explorer replaceChild function memory corruption attempt
RuleID : 35115 - Revision : 3 - Type : BROWSER-IE
2015-08-14 Microsoft Internet Explorer replaceChild function memory corruption attempt
RuleID : 35114 - Revision : 3 - Type : BROWSER-IE
2015-02-18 Microsoft Internet Explorer CInput element user after free attempt
RuleID : 33094 - Revision : 5 - Type : BROWSER-IE
2015-02-18 Microsoft Internet Explorer CInput element user after free attempt
RuleID : 33093 - Revision : 5 - Type : BROWSER-IE
2014-12-02 Microsoft Internet Explorer overlapping object boundaries memory corruption a...
RuleID : 32365 - Revision : 2 - Type : BROWSER-IE
2014-12-02 Microsoft Internet Explorer overlapping object boundaries memory corruption a...
RuleID : 32364 - Revision : 5 - Type : BROWSER-IE
2014-05-28 Microsoft Internet Explorer type confusion attempt
RuleID : 30851 - Revision : 3 - Type : BROWSER-IE
2014-05-28 Microsoft Internet Explorer type confusion attempt
RuleID : 30850 - Revision : 4 - Type : BROWSER-IE
2014-05-28 Microsoft Internet Explorer type confusion attempt
RuleID : 30849 - Revision : 4 - Type : BROWSER-IE
2014-05-28 Microsoft Internet Explorer CElement event handler use after free attempt
RuleID : 30848 - Revision : 2 - Type : BROWSER-IE
2014-05-28 Microsoft Internet Explorer CElement event handler use after free attempt
RuleID : 30847 - Revision : 2 - Type : BROWSER-IE
2014-04-12 Microsoft Internet Explorer CSS uninitialized object access attempt detected
RuleID : 30169 - Revision : 2 - Type : BROWSER-IE
2014-04-10 Microsoft Internet Explorer SVG handling use after free attempt
RuleID : 30082 - Revision : 2 - Type : BROWSER-IE
2014-04-10 Microsoft Internet Explorer SVG handling use after free attempt
RuleID : 30081 - Revision : 2 - Type : BROWSER-IE
2014-04-10 Microsoft Internet Explorer SVG handling use after free attempt
RuleID : 30080 - Revision : 2 - Type : BROWSER-IE
2014-04-10 Microsoft Internet Explorer SVG handling use after free attempt
RuleID : 30079 - Revision : 2 - Type : BROWSER-IE
2014-03-13 Microsoft Internet Explorer CInput element user after free attempt
RuleID : 29744 - Revision : 6 - Type : BROWSER-IE
2014-03-13 Microsoft Internet Explorer CInput element user after free attempt
RuleID : 29743 - Revision : 6 - Type : BROWSER-IE
2014-03-13 Microsoft Internet Explorer deleted object access memory corruption attempt
RuleID : 29742 - Revision : 4 - Type : BROWSER-IE
2014-03-13 Microsoft Internet Explorer deleted object access memory corruption attempt
RuleID : 29741 - Revision : 4 - Type : BROWSER-IE
2014-03-13 Microsoft Internet Explorer cmarkup methods use after free attempt
RuleID : 29738 - Revision : 3 - Type : BROWSER-IE
2014-03-13 Microsoft Internet Explorer cmarkup methods use after free attempt
RuleID : 29737 - Revision : 3 - Type : BROWSER-IE
2014-03-13 Microsoft Internet Explorer selectall use after free attempt
RuleID : 29736 - Revision : 9 - Type : BROWSER-IE
2014-03-13 Microsoft Internet Explorer selectall use after free attempt
RuleID : 29735 - Revision : 9 - Type : BROWSER-IE
2014-03-13 Microsoft Internet Explorer overlapping object boundaries memory corruption a...
RuleID : 29734 - Revision : 7 - Type : BROWSER-IE
2014-03-13 Microsoft Internet Explorer overlapping object boundaries memory corruption a...
RuleID : 29733 - Revision : 7 - Type : BROWSER-IE
2014-03-13 Microsoft Internet Explorer list element use after free attempt
RuleID : 29732 - Revision : 4 - Type : BROWSER-IE
2014-03-13 Microsoft Internet Explorer list element use after free attempt
RuleID : 29731 - Revision : 3 - Type : BROWSER-IE
2014-03-13 Microsoft Internet Explorer CElement event handler use after free attempt
RuleID : 29730 - Revision : 3 - Type : BROWSER-IE
2014-03-13 Microsoft Internet Explorer CElement event handler use after free attempt
RuleID : 29729 - Revision : 3 - Type : BROWSER-IE
2014-03-13 Microsoft Internet Explorer CElement event handler use after free attempt
RuleID : 29728 - Revision : 3 - Type : BROWSER-IE
2014-03-13 Microsoft Internet Explorer CElement event handler use after free attempt
RuleID : 29727 - Revision : 3 - Type : BROWSER-IE
2014-03-13 Microsoft Internet Explorer use after free attempt
RuleID : 29722 - Revision : 4 - Type : BROWSER-IE
2014-03-13 Microsoft Internet Explorer use after free attempt
RuleID : 29721 - Revision : 3 - Type : BROWSER-IE
2014-03-13 Microsoft Internet Explorer SLayoutRun use after free attempt
RuleID : 29720 - Revision : 3 - Type : BROWSER-IE
2014-03-13 Microsoft Internet Explorer SLayoutRun use after free attempt
RuleID : 29719 - Revision : 3 - Type : BROWSER-IE
2014-03-13 Microsoft Internet Explorer text node use after free attempt
RuleID : 29718 - Revision : 4 - Type : BROWSER-IE
2014-03-13 Microsoft Internet Explorer text node use after free attempt
RuleID : 29717 - Revision : 4 - Type : BROWSER-IE
2014-03-13 Microsoft Internet Explorer deleted object memory corruption attempt
RuleID : 29716 - Revision : 3 - Type : BROWSER-IE
2014-03-13 Microsoft Internet Explorer CTree Node use after free attempt
RuleID : 29712 - Revision : 3 - Type : BROWSER-IE
2014-03-13 Microsoft Internet Explorer CTree Node use after free attempt
RuleID : 29711 - Revision : 3 - Type : BROWSER-IE
2014-03-13 Microsoft Internet Explorer fontFamily attribute deleted object access memory...
RuleID : 29710 - Revision : 4 - Type : BROWSER-IE
2014-03-13 Microsoft Internet Explorer fontFamily attribute deleted object access memory...
RuleID : 29709 - Revision : 4 - Type : BROWSER-IE
2014-03-13 Microsoft Internet Explorer CSS uninitialized object access attempt detected
RuleID : 29708 - Revision : 4 - Type : BROWSER-IE
2014-03-13 Microsoft Internet Explorer deleted object access attempt detected
RuleID : 29707 - Revision : 3 - Type : BROWSER-IE
2014-03-13 Microsoft Internet Explorer deleted object access attempt detected
RuleID : 29706 - Revision : 3 - Type : BROWSER-IE
2014-03-13 Microsoft Internet Explorer swap node user after free
RuleID : 29679 - Revision : 5 - Type : BROWSER-IE
2014-03-13 Microsoft Internet Explorer swap node user after free
RuleID : 29678 - Revision : 4 - Type : BROWSER-IE
2014-03-13 Microsoft Internet Explorer CRootElement Object use after free attempt
RuleID : 29677 - Revision : 4 - Type : BROWSER-IE
2014-03-13 Microsoft Internet Explorer CRootElement Object use after free attempt
RuleID : 29676 - Revision : 5 - Type : BROWSER-IE
2014-03-13 Microsoft Internet Explorer type confusion attempt
RuleID : 29675 - Revision : 7 - Type : BROWSER-IE
2014-03-13 Microsoft Internet Explorer SVG handling use after free attempt
RuleID : 29674 - Revision : 4 - Type : BROWSER-IE
2014-03-13 Microsoft Internet Explorer SVG handling use after free attempt
RuleID : 29673 - Revision : 4 - Type : BROWSER-IE
2014-03-13 Microsoft Internet Explorer SVG handling use after free attempt
RuleID : 29672 - Revision : 4 - Type : BROWSER-IE
2014-03-13 Microsoft Internet Explorer SVG handling use after free attempt
RuleID : 29671 - Revision : 4 - Type : BROWSER-IE
2014-03-13 Microsoft Internet Explorer CTreePos deleted object access attempt
RuleID : 29668 - Revision : 4 - Type : BROWSER-IE
2014-03-13 Microsoft Internet Explorer CTreePos deleted object access attempt
RuleID : 29667 - Revision : 4 - Type : BROWSER-IE
2014-03-13 Microsoft Internet Explorer 8 use after free attempt
RuleID : 29655 - Revision : 3 - Type : BROWSER-IE

Nessus® Vulnerability Scanner

Date Description
2014-02-12 Name : The remote host has a web browser that is affected by multiple vulnerabilities.
File : smb_nt_ms14-010.nasl - Type : ACT_GATHER_INFO
2014-02-12 Name : Arbitrary code can be executed on the remote host through the installed VBScr...
File : smb_nt_ms14-011.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
9
10
Date Informations
2015-08-14 21:23:52
  • Multiple Updates
2015-02-18 21:24:45
  • Multiple Updates
2014-12-02 21:25:52
  • Multiple Updates
2014-04-12 21:21:32
  • Multiple Updates
2014-04-10 21:21:56
  • Multiple Updates
2014-03-13 21:21:01
  • Multiple Updates
2014-02-17 11:47:56
  • Multiple Updates
2014-02-14 17:19:06
  • Multiple Updates
2014-02-12 21:25:25
  • Multiple Updates
2014-02-12 13:27:02
  • Multiple Updates
2014-02-11 21:17:01
  • First insertion