Executive Summary

Summary
TitleCumulative Security Update for Internet Explorer (2976627)
Informations
NameMS14-051First vendor Publication2014-08-12
VendorMicrosoftLast vendor Modification2015-06-17
Severity (Vendor) CriticalRevision1.4

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Cvss Base Score9.3Attack RangeNetwork
Cvss Impact Score10Attack ComplexityMedium
Cvss Expoit Score8.6AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

Severity Rating: Critical
Revision Note: V1.4 (June 17, 2015): Replaced CVE number CVE-2014-4078 with CVE number CVE-2014-8985. This is an informational change only. The CVE description was not changed. Customers who have already successfully installed the update do not need to take any action.
Summary: This security update resolves one publicly disclosed and twenty-five privately reported vulnerabilities in Internet Explorer. The most severe of these vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.

Original Source

Url : https://technet.microsoft.com/en-us/library/security/MS14-051

CWE : Common Weakness Enumeration

%idName
90 %CWE-119Failure to Constrain Operations within the Bounds of a Memory Buffer
10 %CWE-264Permissions, Privileges, and Access Controls

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:26305
 
Oval ID: oval:org.mitre.oval:def:26305
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-2819 (MS14-051)
Description: Microsoft Internet Explorer 7 through 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2014-2819
Version: 3
Platform(s): Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows 8.1
Product(s): Microsoft Internet Explorer 7
Microsoft Internet Explorer 8
Microsoft Internet Explorer 9
Microsoft Internet Explorer 10
Microsoft Internet Explorer 11
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26227
 
Oval ID: oval:org.mitre.oval:def:26227
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-2796 (MS14-051)
Description: Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2808, CVE-2014-2825, CVE-2014-4050, CVE-2014-4055, and CVE-2014-4067.
Family: windows Class: vulnerability
Reference(s): CVE-2014-2796
Version: 3
Platform(s): Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows 8.1
Product(s): Microsoft Internet Explorer 10
Microsoft Internet Explorer 11
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26127
 
Oval ID: oval:org.mitre.oval:def:26127
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-4067 (MS14-051)
Description: Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2796, CVE-2014-2808, CVE-2014-2825, CVE-2014-4050, and CVE-2014-4055.
Family: windows Class: vulnerability
Reference(s): CVE-2014-4067
Version: 3
Platform(s): Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows 8.1
Product(s): Microsoft Internet Explorer 10
Microsoft Internet Explorer 11
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26120
 
Oval ID: oval:org.mitre.oval:def:26120
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-4063 (MS14-051)
Description: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2774, CVE-2014-2820, CVE-2014-2826, and CVE-2014-2827.
Family: windows Class: vulnerability
Reference(s): CVE-2014-4063
Version: 3
Platform(s): Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows 8.1
Product(s): Microsoft Internet Explorer 6
Microsoft Internet Explorer 7
Microsoft Internet Explorer 8
Microsoft Internet Explorer 9
Microsoft Internet Explorer 10
Microsoft Internet Explorer 11
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26306
 
Oval ID: oval:org.mitre.oval:def:26306
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-2817 (MS14-051)
Description: Microsoft Internet Explorer 6 through 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2014-2817
Version: 3
Platform(s): Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows 8.1
Product(s): Microsoft Internet Explorer 6
Microsoft Internet Explorer 7
Microsoft Internet Explorer 8
Microsoft Internet Explorer 9
Microsoft Internet Explorer 10
Microsoft Internet Explorer 11
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26288
 
Oval ID: oval:org.mitre.oval:def:26288
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-4050 (MS14-051)
Description: Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2796, CVE-2014-2808, CVE-2014-2825, CVE-2014-4055, and CVE-2014-4067.
Family: windows Class: vulnerability
Reference(s): CVE-2014-4050
Version: 3
Platform(s): Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows 8.1
Product(s): Microsoft Internet Explorer 10
Microsoft Internet Explorer 11
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27909
 
Oval ID: oval:org.mitre.oval:def:27909
Title: IIS Security feature bypass vulnerability - CVE-2014-4078 (MS14-076)
Description: The IP Security feature in Microsoft Internet Information Services (IIS) 8.0 and 8.5 does not properly process wildcard allow and deny rules for domains within the "IP Address and Domain Restrictions" list, which makes it easier for remote attackers to bypass an intended rule set via an HTTP request, aka "IIS Security Feature Bypass Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2014-4078
Version: 3
Platform(s): Microsoft Windows 8
Microsoft Windows Server 2012
Microsoft Windows 8.1
Microsoft Windows Server 2012 R2
Product(s): Microsoft Internet Information Services 8.0
Microsoft Internet Information Services 8.5
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26121
 
Oval ID: oval:org.mitre.oval:def:26121
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-2826 (MS14-051)
Description: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2774, CVE-2014-2820, CVE-2014-2827, and CVE-2014-4063.
Family: windows Class: vulnerability
Reference(s): CVE-2014-2826
Version: 3
Platform(s): Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows 8.1
Product(s): Microsoft Internet Explorer 6
Microsoft Internet Explorer 7
Microsoft Internet Explorer 8
Microsoft Internet Explorer 9
Microsoft Internet Explorer 10
Microsoft Internet Explorer 11
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26398
 
Oval ID: oval:org.mitre.oval:def:26398
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-2822 (MS14-051)
Description: Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2810, CVE-2014-2811, CVE-2014-2823, and CVE-2014-4057.
Family: windows Class: vulnerability
Reference(s): CVE-2014-2822
Version: 3
Platform(s): Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012 R2
Microsoft Windows 7
Microsoft Windows 8.1
Product(s): Microsoft Internet Explorer 11
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26321
 
Oval ID: oval:org.mitre.oval:def:26321
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-4052 (MS14-051)
Description: Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2014-4052
Version: 3
Platform(s): Microsoft Windows Vista
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows 7
Microsoft Windows 8
Product(s): Microsoft Internet Explorer 9
Microsoft Internet Explorer 10
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26394
 
Oval ID: oval:org.mitre.oval:def:26394
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-4058 (MS14-051)
Description: Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2014-4058
Version: 3
Platform(s): Microsoft Windows Vista
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows 8.1
Product(s): Microsoft Internet Explorer 9
Microsoft Internet Explorer 10
Microsoft Internet Explorer 11
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26164
 
Oval ID: oval:org.mitre.oval:def:26164
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-4055 (MS14-051)
Description: Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2796, CVE-2014-2808, CVE-2014-2825, CVE-2014-4050, and CVE-2014-4067.
Family: windows Class: vulnerability
Reference(s): CVE-2014-4055
Version: 3
Platform(s): Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows 8.1
Product(s): Microsoft Internet Explorer 10
Microsoft Internet Explorer 11
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26158
 
Oval ID: oval:org.mitre.oval:def:26158
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-2825 (MS14-051)
Description: Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2796, CVE-2014-2808, CVE-2014-4050, CVE-2014-4055, and CVE-2014-4067.
Family: windows Class: vulnerability
Reference(s): CVE-2014-2825
Version: 3
Platform(s): Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows 8.1
Product(s): Microsoft Internet Explorer 10
Microsoft Internet Explorer 11
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26109
 
Oval ID: oval:org.mitre.oval:def:26109
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-2827 (MS14-051)
Description: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2774, CVE-2014-2820, CVE-2014-2826, and CVE-2014-4063.
Family: windows Class: vulnerability
Reference(s): CVE-2014-2827
Version: 3
Platform(s): Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows 8.1
Product(s): Microsoft Internet Explorer 6
Microsoft Internet Explorer 7
Microsoft Internet Explorer 8
Microsoft Internet Explorer 9
Microsoft Internet Explorer 10
Microsoft Internet Explorer 11
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26479
 
Oval ID: oval:org.mitre.oval:def:26479
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-4056 (MS14-051)
Description: Microsoft Internet Explorer 7 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2014-4056
Version: 3
Platform(s): Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows 7
Microsoft Windows 8
Product(s): Microsoft Internet Explorer 7
Microsoft Internet Explorer 8
Microsoft Internet Explorer 9
Microsoft Internet Explorer 10
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26358
 
Oval ID: oval:org.mitre.oval:def:26358
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-2821 (MS14-051)
Description: Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2014-2821
Version: 3
Platform(s): Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows 7
Product(s): Microsoft Internet Explorer 8
Microsoft Internet Explorer 9
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26073
 
Oval ID: oval:org.mitre.oval:def:26073
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-4057 (MS14-051)
Description: Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2810, CVE-2014-2811, CVE-2014-2822, and CVE-2014-2823.
Family: windows Class: vulnerability
Reference(s): CVE-2014-4057
Version: 3
Platform(s): Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012 R2
Microsoft Windows 7
Microsoft Windows 8.1
Product(s): Microsoft Internet Explorer 11
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26452
 
Oval ID: oval:org.mitre.oval:def:26452
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-2818 (MS14-051)
Description: Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2014-2818
Version: 3
Platform(s): Microsoft Windows Server 2008 R2
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows Server 2012
Product(s): Microsoft Internet Explorer 10
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26043
 
Oval ID: oval:org.mitre.oval:def:26043
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-2824 (MS14-051)
Description: Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2014-2824
Version: 3
Platform(s): Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows 7
Product(s): Microsoft Internet Explorer 8
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26400
 
Oval ID: oval:org.mitre.oval:def:26400
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-2784 (MS14-051)
Description: Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-4051.
Family: windows Class: vulnerability
Reference(s): CVE-2014-2784
Version: 3
Platform(s): Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows 8.1
Product(s): Microsoft Internet Explorer 8
Microsoft Internet Explorer 9
Microsoft Internet Explorer 10
Microsoft Internet Explorer 11
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26399
 
Oval ID: oval:org.mitre.oval:def:26399
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-2810 (MS14-051)
Description: Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2811, CVE-2014-2822, CVE-2014-2823, and CVE-2014-4057.
Family: windows Class: vulnerability
Reference(s): CVE-2014-2810
Version: 3
Platform(s): Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012 R2
Microsoft Windows 7
Microsoft Windows 8.1
Product(s): Microsoft Internet Explorer 11
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26092
 
Oval ID: oval:org.mitre.oval:def:26092
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-4051 (MS14-051)
Description: Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2784.
Family: windows Class: vulnerability
Reference(s): CVE-2014-4051
Version: 3
Platform(s): Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows 8.1
Product(s): Microsoft Internet Explorer 8
Microsoft Internet Explorer 9
Microsoft Internet Explorer 10
Microsoft Internet Explorer 11
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25997
 
Oval ID: oval:org.mitre.oval:def:25997
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-2820 (MS14-051)
Description: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2774, CVE-2014-2826, CVE-2014-2827, and CVE-2014-4063.
Family: windows Class: vulnerability
Reference(s): CVE-2014-2820
Version: 3
Platform(s): Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows 8.1
Product(s): Microsoft Internet Explorer 6
Microsoft Internet Explorer 7
Microsoft Internet Explorer 8
Microsoft Internet Explorer 9
Microsoft Internet Explorer 10
Microsoft Internet Explorer 11
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25954
 
Oval ID: oval:org.mitre.oval:def:25954
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-2823 (MS14-051)
Description: Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2810, CVE-2014-2811, CVE-2014-2822, and CVE-2014-4057.
Family: windows Class: vulnerability
Reference(s): CVE-2014-2823
Version: 3
Platform(s): Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012 R2
Microsoft Windows 7
Microsoft Windows 8.1
Product(s): Microsoft Internet Explorer 11
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26467
 
Oval ID: oval:org.mitre.oval:def:26467
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-2774 (MS14-051)
Description: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2820, CVE-2014-2826, CVE-2014-2827, and CVE-2014-4063.
Family: windows Class: vulnerability
Reference(s): CVE-2014-2774
Version: 3
Platform(s): Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows 8.1
Product(s): Microsoft Internet Explorer 6
Microsoft Internet Explorer 7
Microsoft Internet Explorer 8
Microsoft Internet Explorer 9
Microsoft Internet Explorer 10
Microsoft Internet Explorer 11
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25962
 
Oval ID: oval:org.mitre.oval:def:25962
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-2808 (MS14-051)
Description: Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2796, CVE-2014-2825, CVE-2014-4050, CVE-2014-4055, and CVE-2014-4067.
Family: windows Class: vulnerability
Reference(s): CVE-2014-2808
Version: 3
Platform(s): Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows 8.1
Product(s): Microsoft Internet Explorer 10
Microsoft Internet Explorer 11
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26001
 
Oval ID: oval:org.mitre.oval:def:26001
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-2811 (MS14-051)
Description: Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2810, CVE-2014-2822, CVE-2014-2823, and CVE-2014-4057.
Family: windows Class: vulnerability
Reference(s): CVE-2014-2811
Version: 3
Platform(s): Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012 R2
Microsoft Windows 7
Microsoft Windows 8.1
Product(s): Microsoft Internet Explorer 11
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application7
Application2

Information Assurance Vulnerability Management (IAVM)

DateDescription
2014-11-13IAVM : 2014-B-0146 - Vulnerability in Microsoft Internet Information Services (IIS)
Severity : Category II - VMSKEY : V0057359

Snort® IPS/IDS

DateDescription
2019-06-04Microsoft Internet Explorer cdomuievent use after free attempt
RuleID : 49989 - Revision : 1 - Type : BROWSER-IE
2019-06-04Microsoft Internet Explorer cdomuievent use after free attempt
RuleID : 49988 - Revision : 1 - Type : BROWSER-IE
2019-03-14Microsoft Internet Explorer HtmlLayout styling use after free attempt
RuleID : 49187 - Revision : 1 - Type : BROWSER-IE
2019-03-14Microsoft Internet Explorer HtmlLayout styling use after free attempt
RuleID : 49186 - Revision : 1 - Type : BROWSER-IE
2014-11-25Microsoft Internet Explorer onreadystatechange use after free attempt
RuleID : 32318 - Revision : 2 - Type : BROWSER-IE
2014-11-25Microsoft Internet Explorer onreadystatechange use after free attempt
RuleID : 32317 - Revision : 2 - Type : BROWSER-IE
2014-11-16Microsoft Internet Explorer margin overflow use after free attempt
RuleID : 31635 - Revision : 3 - Type : BROWSER-IE
2014-11-16Microsoft Internet Explorer margin overflow use after free attempt
RuleID : 31634 - Revision : 3 - Type : BROWSER-IE
2014-11-16Microsoft Internet Explorer CMarkup insertMarquee use after free attempt
RuleID : 31630 - Revision : 3 - Type : BROWSER-IE
2014-11-16Microsoft Internet Explorer CMarkup insertMarquee use after free attempt
RuleID : 31629 - Revision : 3 - Type : BROWSER-IE
2014-11-16Microsoft Internet Explorer cdomuievent use after free attempt
RuleID : 31628 - Revision : 4 - Type : BROWSER-IE
2014-11-16Microsoft Internet Explorer cdomuievent use after free attempt
RuleID : 31627 - Revision : 4 - Type : BROWSER-IE
2014-11-16Microsoft Internet Explorer Use after free attempt
RuleID : 31626 - Revision : 2 - Type : BROWSER-IE
2014-11-16Microsoft Internet Explorer Use after free attempt
RuleID : 31625 - Revision : 2 - Type : BROWSER-IE
2014-11-16Microsoft Internet Explorer onreadystatechange use after free attempt
RuleID : 31622 - Revision : 2 - Type : BROWSER-IE
2014-11-16Microsoft Internet Explorer onreadystatechange use after free attempt
RuleID : 31621 - Revision : 2 - Type : BROWSER-IE
2014-11-16Microsoft Internet Explorer kbd element use-after-free attempt
RuleID : 31620 - Revision : 2 - Type : BROWSER-IE
2014-11-16Microsoft Internet Explorer kbd element use-after-free attempt
RuleID : 31619 - Revision : 2 - Type : BROWSER-IE

Nessus® Vulnerability Scanner

DateDescription
2014-11-12Name : The remote Windows host is affected by a security feature bypass vulnerability.
File : smb_nt_ms14-076.nasl - Type : ACT_GATHER_INFO
2014-08-12Name : The remote host has a web browser that is affected by multiple vulnerabilities.
File : smb_nt_ms14-051.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
DateInformations
2018-02-09 05:20:37
  • Multiple Updates
2017-06-28 05:23:19
  • Multiple Updates
2015-06-18 05:28:57
  • Multiple Updates
2015-06-18 05:16:15
  • Multiple Updates
2015-06-04 05:33:45
  • Multiple Updates
2015-06-04 05:15:42
  • Multiple Updates
2014-12-20 00:26:19
  • Multiple Updates
2014-12-20 00:15:53
  • Multiple Updates
2014-11-25 21:26:40
  • Multiple Updates
2014-11-16 21:25:26
  • Multiple Updates
2014-10-09 05:33:43
  • Multiple Updates
2014-10-09 05:21:51
  • Multiple Updates
2014-08-13 21:28:42
  • Multiple Updates
2014-08-13 13:25:00
  • Multiple Updates
2014-08-13 05:25:48
  • Multiple Updates
2014-08-12 21:29:09
  • Multiple Updates
2014-08-12 21:18:11
  • First insertion