Executive Summary

Summary
TitleCumulative Security Update for Internet Explorer (2909921)
Informations
NameMS14-010First vendor Publication2014-02-11
VendorMicrosoftLast vendor Modification2014-02-11
Severity (Vendor) CriticalRevision1.0

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Cvss Base Score9.3Attack RangeNetwork
Cvss Impact Score10Attack ComplexityMedium
Cvss Expoit Score8.6AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

Revision Note: V1.0 (February 11, 2014): Bulletin published.

Summary: This security update resolves one publicly disclosed vulnerability and twenty-three privately reported vulnerabilities in Internet Explorer. The most severe vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited the most severe of these vulnerabilities could gain the same user rights as the current user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Original Source

Url : http://technet.microsoft.com/en-us/security/bulletin/ms14-010

CWE : Common Weakness Enumeration

%idName
92 %CWE-119Failure to Constrain Operations within the Bounds of a Memory Buffer
4 %CWE-264Permissions, Privileges, and Access Controls
4 %CWE-200Information Exposure

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:22365
 
Oval ID: oval:org.mitre.oval:def:22365
Title: Memory corruption vulnerability in Microsoft Internet Explorer (CVE-2014-0276) - MS14-010
Description: Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2014-0276
Version: 5
Platform(s): Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows 7
Product(s): Microsoft Internet Explorer 8
Microsoft Internet Explorer 9
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22546
 
Oval ID: oval:org.mitre.oval:def:22546
Title: Memory corruption vulnerability in Microsoft Internet Explorer (CVE-2014-0267) - MS14-010
Description: Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0289 and CVE-2014-0290.
Family: windows Class: vulnerability
Reference(s): CVE-2014-0267
Version: 5
Platform(s): Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012 R2
Microsoft Windows 8.1
Microsoft Windows 7
Product(s): Microsoft Internet Explorer 11
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22559
 
Oval ID: oval:org.mitre.oval:def:22559
Title: Memory corruption vulnerability in Microsoft Internet Explorer (CVE-2014-0285) - MS14-010
Description: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0275 and CVE-2014-0286.
Family: windows Class: vulnerability
Reference(s): CVE-2014-0285
Version: 5
Platform(s): Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows 8.1
Product(s): Microsoft Internet Explorer 6
Microsoft Internet Explorer 7
Microsoft Internet Explorer 8
Microsoft Internet Explorer 9
Microsoft Internet Explorer 10
Microsoft Internet Explorer 11
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22000
 
Oval ID: oval:org.mitre.oval:def:22000
Title: Memory corruption vulnerability in Microsoft Internet Explorer (CVE-2014-0280) - MS14-010
Description: Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2014-0280
Version: 5
Platform(s): Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows 7
Product(s): Microsoft Internet Explorer 6
Microsoft Internet Explorer 7
Microsoft Internet Explorer 8
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22221
 
Oval ID: oval:org.mitre.oval:def:22221
Title: Memory corruption vulnerability in Microsoft Internet Explorer (CVE-2014-0277) - MS14-010
Description: Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0278 and CVE-2014-0279.
Family: windows Class: vulnerability
Reference(s): CVE-2014-0277
Version: 5
Platform(s): Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows 7
Product(s): Microsoft Internet Explorer 8
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21998
 
Oval ID: oval:org.mitre.oval:def:21998
Title: Memory corruption vulnerability in Microsoft Internet Explorer (CVE-2014-0272) - MS14-010
Description: Microsoft Internet Explorer 8 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2014-0272
Version: 5
Platform(s): Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows 7
Microsoft Windows 8
Product(s): Microsoft Internet Explorer 8
Microsoft Internet Explorer 9
Microsoft Internet Explorer 10
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22230
 
Oval ID: oval:org.mitre.oval:def:22230
Title: Memory corruption vulnerability in Microsoft Internet Explorer (CVE-2014-0279) - MS14-010
Description: Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0277 and CVE-2014-0278.
Family: windows Class: vulnerability
Reference(s): CVE-2014-0279
Version: 5
Platform(s): Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows 7
Product(s): Microsoft Internet Explorer 8
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22413
 
Oval ID: oval:org.mitre.oval:def:22413
Title: Memory corruption vulnerability in Microsoft Internet Explorer (CVE-2014-0289) - MS14-010
Description: Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0267 and CVE-2014-0290.
Family: windows Class: vulnerability
Reference(s): CVE-2014-0289
Version: 5
Platform(s): Microsoft Windows Server 2008 R2
Microsoft Windows 7
Microsoft Windows 8.1
Product(s): Microsoft Internet Explorer 11
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22398
 
Oval ID: oval:org.mitre.oval:def:22398
Title: Memory corruption vulnerability in Microsoft Internet Explorer (CVE-2014-0283) - MS14-010
Description: Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2014-0283
Version: 5
Platform(s): Microsoft Windows Vista
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows 7
Product(s): Microsoft Internet Explorer 9
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22335
 
Oval ID: oval:org.mitre.oval:def:22335
Title: Memory corruption vulnerability in Microsoft Internet Explorer (CVE-2014-0270) - MS14-010
Description: Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0273, CVE-2014-0274, and CVE-2014-0288.
Family: windows Class: vulnerability
Reference(s): CVE-2014-0270
Version: 5
Platform(s): Microsoft Windows Vista
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows 8.1
Product(s): Microsoft Internet Explorer 9
Microsoft Internet Explorer 10
Microsoft Internet Explorer 11
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21831
 
Oval ID: oval:org.mitre.oval:def:21831
Title: Memory corruption vulnerability in Microsoft Internet Explorer (CVE-2014-0275) - MS14-010
Description: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0285 and CVE-2014-0286.
Family: windows Class: vulnerability
Reference(s): CVE-2014-0275
Version: 5
Platform(s): Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows 8.1
Product(s): Microsoft Internet Explorer 6
Microsoft Internet Explorer 7
Microsoft Internet Explorer 8
Microsoft Internet Explorer 9
Microsoft Internet Explorer 10
Microsoft Internet Explorer 11
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21717
 
Oval ID: oval:org.mitre.oval:def:21717
Title: Memory corruption vulnerability in Microsoft Internet Explorer (CVE-2014-0290) - MS14-010
Description: Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0267 and CVE-2014-0289.
Family: windows Class: vulnerability
Reference(s): CVE-2014-0290
Version: 5
Platform(s): Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012 R2
Microsoft Windows 8.1
Microsoft Windows 7
Product(s): Microsoft Internet Explorer 11
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22314
 
Oval ID: oval:org.mitre.oval:def:22314
Title: Internet Explorer Cross-domain Information Disclosure Vulnerability - CVE-2014-0293 - MS14-010
Description: Microsoft Internet Explorer 9 through 11 allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site, aka "Internet Explorer Cross-domain Information Disclosure Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2014-0293
Version: 5
Platform(s): Microsoft Windows Vista
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows 8.1
Product(s): Microsoft Internet Explorer 9
Microsoft Internet Explorer 10
Microsoft Internet Explorer 11
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22065
 
Oval ID: oval:org.mitre.oval:def:22065
Title: VBScript Memory Corruption Vulnerability (CVE-2014-0271) - MS14-010, MS14-011
Description: The VBScript engine in Microsoft Internet Explorer 6 through 11, and VBScript 5.6 through 5.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "VBScript Memory Corruption Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2014-0271
Version: 10
Platform(s): Microsoft Windows 8
Microsoft Windows 8.1
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows XP
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Product(s): VBScript 5.6
VBScript 5.7
VBScript 5.8
Microsoft Internet Explorer 6
Microsoft Internet Explorer 7
Microsoft Internet Explorer 8
Microsoft Internet Explorer 9
Microsoft Internet Explorer 10
Microsoft Internet Explorer 11
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22510
 
Oval ID: oval:org.mitre.oval:def:22510
Title: Memory corruption vulnerability in Microsoft Internet Explorer (CVE-2014-0286) - MS14-010
Description: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0275 and CVE-2014-0285.
Family: windows Class: vulnerability
Reference(s): CVE-2014-0286
Version: 5
Platform(s): Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows 8.1
Product(s): Microsoft Internet Explorer 6
Microsoft Internet Explorer 7
Microsoft Internet Explorer 8
Microsoft Internet Explorer 9
Microsoft Internet Explorer 10
Microsoft Internet Explorer 11
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22381
 
Oval ID: oval:org.mitre.oval:def:22381
Title: Memory corruption vulnerability in Microsoft Internet Explorer (CVE-2014-0269) - MS14-010
Description: Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2014-0269
Version: 5
Platform(s): Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows 8.1
Product(s): Microsoft Internet Explorer 6
Microsoft Internet Explorer 7
Microsoft Internet Explorer 8
Microsoft Internet Explorer 9
Microsoft Internet Explorer 10
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22516
 
Oval ID: oval:org.mitre.oval:def:22516
Title: Memory corruption vulnerability in Microsoft Internet Explorer (CVE-2014-0278) - MS14-010
Description: Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0277 and CVE-2014-0279.
Family: windows Class: vulnerability
Reference(s): CVE-2014-0278
Version: 5
Platform(s): Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows 7
Product(s): Microsoft Internet Explorer 8
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22385
 
Oval ID: oval:org.mitre.oval:def:22385
Title: Memory corruption vulnerability in Microsoft Internet Explorer (CVE-2014-0273) - MS14-010
Description: Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0270, CVE-2014-0274, and CVE-2014-0288.
Family: windows Class: vulnerability
Reference(s): CVE-2014-0273
Version: 5
Platform(s): Microsoft Windows Vista
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows 8.1
Product(s): Microsoft Internet Explorer 9
Microsoft Internet Explorer 10
Microsoft Internet Explorer 11
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22443
 
Oval ID: oval:org.mitre.oval:def:22443
Title: Memory corruption vulnerability in Microsoft Internet Explorer (CVE-2014-0281) - MS14-010
Description: Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0287.
Family: windows Class: vulnerability
Reference(s): CVE-2014-0281
Version: 5
Platform(s): Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows 8.1
Product(s): Microsoft Internet Explorer 8
Microsoft Internet Explorer 9
Microsoft Internet Explorer 10
Microsoft Internet Explorer 11
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22464
 
Oval ID: oval:org.mitre.oval:def:22464
Title: Memory corruption vulnerability in Microsoft Internet Explorer (CVE-2014-0287) - MS14-010
Description: Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0281.
Family: windows Class: vulnerability
Reference(s): CVE-2014-0287
Version: 5
Platform(s): Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows 8.1
Product(s): Microsoft Internet Explorer 8
Microsoft Internet Explorer 9
Microsoft Internet Explorer 10
Microsoft Internet Explorer 11
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22509
 
Oval ID: oval:org.mitre.oval:def:22509
Title: Memory corruption vulnerability in Microsoft Internet Explorer (CVE-2014-0284) - MS14-010
Description: Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2014-0284
Version: 5
Platform(s): Microsoft Windows Vista
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows 7
Microsoft Windows 8
Product(s): Microsoft Internet Explorer 9
Microsoft Internet Explorer 10
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22465
 
Oval ID: oval:org.mitre.oval:def:22465
Title: Internet Explorer Elevation of Privilege Vulnerability (CVE-2014-0268) - MS14-010
Description: Microsoft Internet Explorer 8 through 11 does not properly restrict file installation and registry-key creation, which allows remote attackers to bypass the Mandatory Integrity Control protection mechanism via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2014-0268
Version: 5
Platform(s): Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows 8.1
Product(s): Microsoft Internet Explorer 8
Microsoft Internet Explorer 9
Microsoft Internet Explorer 10
Microsoft Internet Explorer 11
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22481
 
Oval ID: oval:org.mitre.oval:def:22481
Title: Memory corruption vulnerability in Microsoft Internet Explorer (CVE-2014-0288) - MS14-010
Description: Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0270, CVE-2014-0273, and CVE-2014-0274.
Family: windows Class: vulnerability
Reference(s): CVE-2014-0288
Version: 5
Platform(s): Microsoft Windows Vista
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows 8.1
Product(s): Microsoft Internet Explorer 9
Microsoft Internet Explorer 10
Microsoft Internet Explorer 11
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22338
 
Oval ID: oval:org.mitre.oval:def:22338
Title: Memory corruption vulnerability in Microsoft Internet Explorer (CVE-2014-0274) - MS14-010
Description: Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0270, CVE-2014-0273, and CVE-2014-0288.
Family: windows Class: vulnerability
Reference(s): CVE-2014-0274
Version: 5
Platform(s): Microsoft Windows Vista
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows 8.1
Product(s): Microsoft Internet Explorer 9
Microsoft Internet Explorer 10
Microsoft Internet Explorer 11
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application6
Application3

Information Assurance Vulnerability Management (IAVM)

DateDescription
2014-02-13IAVM : 2014-A-0025 - Microsoft VBScript Remote Code Execution Vulnerability
Severity : Category II - VMSKEY : V0044034
2014-02-13IAVM : 2014-A-0023 - Cumulative Security Update for Microsoft Internet Explorer
Severity : Category I - VMSKEY : V0044038

Snort® IPS/IDS

DateDescription
2017-08-15Microsoft Internet Explorer type confusion attempt
RuleID : 43580 - Revision : 3 - Type : BROWSER-IE
2017-08-15Microsoft Internet Explorer type confusion attempt
RuleID : 43579 - Revision : 3 - Type : BROWSER-IE
2015-08-14Microsoft Internet Explorer replaceChild function memory corruption attempt
RuleID : 35115 - Revision : 3 - Type : BROWSER-IE
2015-08-14Microsoft Internet Explorer replaceChild function memory corruption attempt
RuleID : 35114 - Revision : 3 - Type : BROWSER-IE
2015-02-18Microsoft Internet Explorer CInput element user after free attempt
RuleID : 33094 - Revision : 5 - Type : BROWSER-IE
2015-02-18Microsoft Internet Explorer CInput element user after free attempt
RuleID : 33093 - Revision : 5 - Type : BROWSER-IE
2014-12-02Microsoft Internet Explorer overlapping object boundaries memory corruption a...
RuleID : 32365 - Revision : 2 - Type : BROWSER-IE
2014-12-02Microsoft Internet Explorer overlapping object boundaries memory corruption a...
RuleID : 32364 - Revision : 5 - Type : BROWSER-IE
2014-05-28Microsoft Internet Explorer type confusion attempt
RuleID : 30851 - Revision : 3 - Type : BROWSER-IE
2014-05-28Microsoft Internet Explorer type confusion attempt
RuleID : 30850 - Revision : 4 - Type : BROWSER-IE
2014-05-28Microsoft Internet Explorer type confusion attempt
RuleID : 30849 - Revision : 4 - Type : BROWSER-IE
2014-05-28Microsoft Internet Explorer CElement event handler use after free attempt
RuleID : 30848 - Revision : 2 - Type : BROWSER-IE
2014-05-28Microsoft Internet Explorer CElement event handler use after free attempt
RuleID : 30847 - Revision : 2 - Type : BROWSER-IE
2014-04-12Microsoft Internet Explorer CSS uninitialized object access attempt detected
RuleID : 30169 - Revision : 2 - Type : BROWSER-IE
2014-04-10Microsoft Internet Explorer SVG handling use after free attempt
RuleID : 30082 - Revision : 2 - Type : BROWSER-IE
2014-04-10Microsoft Internet Explorer SVG handling use after free attempt
RuleID : 30081 - Revision : 2 - Type : BROWSER-IE
2014-04-10Microsoft Internet Explorer SVG handling use after free attempt
RuleID : 30080 - Revision : 2 - Type : BROWSER-IE
2014-04-10Microsoft Internet Explorer SVG handling use after free attempt
RuleID : 30079 - Revision : 2 - Type : BROWSER-IE
2014-03-13Microsoft Internet Explorer CInput element user after free attempt
RuleID : 29744 - Revision : 6 - Type : BROWSER-IE
2014-03-13Microsoft Internet Explorer CInput element user after free attempt
RuleID : 29743 - Revision : 6 - Type : BROWSER-IE
2014-03-13Microsoft Internet Explorer deleted object access memory corruption attempt
RuleID : 29742 - Revision : 4 - Type : BROWSER-IE
2014-03-13Microsoft Internet Explorer deleted object access memory corruption attempt
RuleID : 29741 - Revision : 4 - Type : BROWSER-IE
2014-03-13Microsoft Internet Explorer cmarkup methods use after free attempt
RuleID : 29738 - Revision : 3 - Type : BROWSER-IE
2014-03-13Microsoft Internet Explorer cmarkup methods use after free attempt
RuleID : 29737 - Revision : 3 - Type : BROWSER-IE
2014-03-13Microsoft Internet Explorer selectall use after free attempt
RuleID : 29736 - Revision : 9 - Type : BROWSER-IE
2014-03-13Microsoft Internet Explorer selectall use after free attempt
RuleID : 29735 - Revision : 9 - Type : BROWSER-IE
2014-03-13Microsoft Internet Explorer overlapping object boundaries memory corruption a...
RuleID : 29734 - Revision : 7 - Type : BROWSER-IE
2014-03-13Microsoft Internet Explorer overlapping object boundaries memory corruption a...
RuleID : 29733 - Revision : 7 - Type : BROWSER-IE
2014-03-13Microsoft Internet Explorer list element use after free attempt
RuleID : 29732 - Revision : 4 - Type : BROWSER-IE
2014-03-13Microsoft Internet Explorer list element use after free attempt
RuleID : 29731 - Revision : 3 - Type : BROWSER-IE
2014-03-13Microsoft Internet Explorer CElement event handler use after free attempt
RuleID : 29730 - Revision : 3 - Type : BROWSER-IE
2014-03-13Microsoft Internet Explorer CElement event handler use after free attempt
RuleID : 29729 - Revision : 3 - Type : BROWSER-IE
2014-03-13Microsoft Internet Explorer CElement event handler use after free attempt
RuleID : 29728 - Revision : 3 - Type : BROWSER-IE
2014-03-13Microsoft Internet Explorer CElement event handler use after free attempt
RuleID : 29727 - Revision : 3 - Type : BROWSER-IE
2014-03-13Microsoft Internet Explorer use after free attempt
RuleID : 29722 - Revision : 4 - Type : BROWSER-IE
2014-03-13Microsoft Internet Explorer use after free attempt
RuleID : 29721 - Revision : 3 - Type : BROWSER-IE
2014-03-13Microsoft Internet Explorer SLayoutRun use after free attempt
RuleID : 29720 - Revision : 3 - Type : BROWSER-IE
2014-03-13Microsoft Internet Explorer SLayoutRun use after free attempt
RuleID : 29719 - Revision : 3 - Type : BROWSER-IE
2014-03-13Microsoft Internet Explorer text node use after free attempt
RuleID : 29718 - Revision : 4 - Type : BROWSER-IE
2014-03-13Microsoft Internet Explorer text node use after free attempt
RuleID : 29717 - Revision : 4 - Type : BROWSER-IE
2014-03-13Microsoft Internet Explorer deleted object memory corruption attempt
RuleID : 29716 - Revision : 3 - Type : BROWSER-IE
2014-03-13Microsoft Internet Explorer CTree Node use after free attempt
RuleID : 29712 - Revision : 3 - Type : BROWSER-IE
2014-03-13Microsoft Internet Explorer CTree Node use after free attempt
RuleID : 29711 - Revision : 3 - Type : BROWSER-IE
2014-03-13Microsoft Internet Explorer fontFamily attribute deleted object access memory...
RuleID : 29710 - Revision : 4 - Type : BROWSER-IE
2014-03-13Microsoft Internet Explorer fontFamily attribute deleted object access memory...
RuleID : 29709 - Revision : 4 - Type : BROWSER-IE
2014-03-13Microsoft Internet Explorer CSS uninitialized object access attempt detected
RuleID : 29708 - Revision : 4 - Type : BROWSER-IE
2014-03-13Microsoft Internet Explorer deleted object access attempt detected
RuleID : 29707 - Revision : 3 - Type : BROWSER-IE
2014-03-13Microsoft Internet Explorer deleted object access attempt detected
RuleID : 29706 - Revision : 3 - Type : BROWSER-IE
2014-03-13Microsoft Internet Explorer swap node user after free
RuleID : 29679 - Revision : 5 - Type : BROWSER-IE
2014-03-13Microsoft Internet Explorer swap node user after free
RuleID : 29678 - Revision : 4 - Type : BROWSER-IE
2014-03-13Microsoft Internet Explorer CRootElement Object use after free attempt
RuleID : 29677 - Revision : 4 - Type : BROWSER-IE
2014-03-13Microsoft Internet Explorer CRootElement Object use after free attempt
RuleID : 29676 - Revision : 5 - Type : BROWSER-IE
2014-03-13Microsoft Internet Explorer type confusion attempt
RuleID : 29675 - Revision : 7 - Type : BROWSER-IE
2014-03-13Microsoft Internet Explorer SVG handling use after free attempt
RuleID : 29674 - Revision : 4 - Type : BROWSER-IE
2014-03-13Microsoft Internet Explorer SVG handling use after free attempt
RuleID : 29673 - Revision : 4 - Type : BROWSER-IE
2014-03-13Microsoft Internet Explorer SVG handling use after free attempt
RuleID : 29672 - Revision : 4 - Type : BROWSER-IE
2014-03-13Microsoft Internet Explorer SVG handling use after free attempt
RuleID : 29671 - Revision : 4 - Type : BROWSER-IE
2014-03-13Microsoft Internet Explorer CTreePos deleted object access attempt
RuleID : 29668 - Revision : 4 - Type : BROWSER-IE
2014-03-13Microsoft Internet Explorer CTreePos deleted object access attempt
RuleID : 29667 - Revision : 4 - Type : BROWSER-IE
2014-03-13Microsoft Internet Explorer 8 use after free attempt
RuleID : 29655 - Revision : 3 - Type : BROWSER-IE

Nessus® Vulnerability Scanner

DateDescription
2014-02-12Name : The remote host has a web browser that is affected by multiple vulnerabilities.
File : smb_nt_ms14-010.nasl - Type : ACT_GATHER_INFO
2014-02-12Name : Arbitrary code can be executed on the remote host through the installed VBScr...
File : smb_nt_ms14-011.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
9
10
DateInformations
2015-08-14 21:23:52
  • Multiple Updates
2015-02-18 21:24:45
  • Multiple Updates
2014-12-02 21:25:52
  • Multiple Updates
2014-04-12 21:21:32
  • Multiple Updates
2014-04-10 21:21:56
  • Multiple Updates
2014-03-13 21:21:01
  • Multiple Updates
2014-02-17 11:47:56
  • Multiple Updates
2014-02-14 17:19:06
  • Multiple Updates
2014-02-12 21:25:25
  • Multiple Updates
2014-02-12 13:27:02
  • Multiple Updates
2014-02-11 21:17:01
  • First insertion