Executive Summary

Summary
Title Microsoft Internet Explorer 8 CMarkup use-after-free vulnerability
Informations
Name VU#239151 First vendor Publication 2014-05-21
Vendor VU-CERT Last vendor Modification 2014-05-23
Severity (Vendor) N/A Revision M

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Cvss Base Score 9.3 Attack Range Network
Cvss Impact Score 10 Attack Complexity Medium
Cvss Expoit Score 8.6 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Vulnerability Note VU#239151

Microsoft Internet Explorer 8 CMarkup use-after-free vulnerability

Original Release date: 21 May 2014 | Last revised: 23 May 2014

Overview

Microsoft Internet Explorer 8 contains a use-after-free vulnerability that can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system.

Description

Microsoft Internet Explorer 8 contains a use-after-free vulnerability. This can allow for arbitrary code execution. Additional details may be found in the Zero Day Initiative advisory ZDI-14-140.

Impact

By convincing a user to view a specially crafted HTML document (e.g., a web page or an HTML email message or attachment), an attacker may be able to execute arbitrary code.

Solution

Apply an Update

Users should upgrade to Internet Explorer 11.

Users that are unable to upgrade past Internet Explorer 8 should consider the following workarounds. Windows XP users will not be able to upgrade past Internet Explorer 8.

Use the Microsoft Enhanced Mitigation Experience Toolkit

The Microsoft Enhanced Mitigation Experience Toolkit (EMET) can be used to help prevent exploitation of this vulnerability. Note that platforms that do not support ASLR, such as Windows XP and Windows Server 2003, will not receive the same level of protection that modern Windows platforms will.

Disable ActiveX and Active Scripting

Set the Internet security zone setting to "High" to block ActiveX Controls and Active Scripting.

Vendor Information (Learn More)

VendorStatusDate NotifiedDate Updated
Microsoft CorporationAffected-21 May 2014
If you are a vendor and your product is affected, let us know.

CVSS Metrics (Learn More)

GroupScoreVector
Base6.8AV:N/AC:M/Au:N/C:P/I:P/A:P
Temporal6.5E:H/RL:W/RC:C
Environmental8.2CDP:MH/TD:H/CR:H/IR:H/AR:L

References

  • http://zerodayinitiative.com/advisories/ZDI-14-140/
  • https://www.corelan.be/index.php/2014/05/22/on-cve-2014-1770-zdi-14-140-internet-explorer-8-0day/

Credit

This vulnerability was discovered by Peter 'corelanc0d3r' Van Eeckhoutte and coordinated by the Zero Day Initiative.

This document was written by Jared Allar.

Other Information

  • CVE IDs:CVE-2014-1770
  • Date Public:21 May 2014
  • Date First Published:21 May 2014
  • Date Last Updated:23 May 2014
  • Document Revision:11

Feedback

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Original Source

Url : http://www.kb.cert.org/vuls/id/239151

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-399 Resource Management Errors

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:24170
 
Oval ID: oval:org.mitre.oval:def:24170
Title: Internet Explorer Memory Corruption Vulnerability (CVE-2014-1770) - MS14-035
Description: Use-after-free vulnerability in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code via crafted JavaScript code that interacts improperly with a CollectGarbage function call on a CMarkup object allocated by the CMarkup::CreateInitialMarkup function.
Family: windows Class: vulnerability
Reference(s): CVE-2014-1770
 Version: 5
Platform(s): Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows 8.1
 Product(s): Microsoft Internet Explorer 6
Microsoft Internet Explorer 7
Microsoft Internet Explorer 8
Microsoft Internet Explorer 9
Microsoft Internet Explorer 10
Microsoft Internet Explorer 11
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 6

Information Assurance Vulnerability Management (IAVM)

Date Description
2014-06-12 IAVM : 2014-A-0079 - Cumulative Security Update for Microsoft Internet Explorer
Severity : Category I - VMSKEY : V0052493

Nessus® Vulnerability Scanner

Date Description
2014-06-11 Name : The remote host has a web browser that is affected by multiple vulnerabilities.
File : smb_nt_ms14-035.nasl - Type : ACT_GATHER_INFO
2014-05-22 Name : The remote host has a version of Internet Explorer installed that is affected...
File : smb_ie_cve_2014_1770.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
Date Informations
2015-05-08 13:28:00
  • Multiple Updates
2014-05-23 21:21:06
  • Multiple Updates
2014-05-23 17:24:48
  • Multiple Updates
2014-05-23 13:23:57
  • Multiple Updates
2014-05-22 21:21:31
  • Multiple Updates
2014-05-22 17:25:06
  • Multiple Updates
2014-05-22 00:19:47
  • First insertion