Executive Summary

Summary
Title Cumulative Security Update for Internet Explorer (2976627)
Informations
Name MS14-051 First vendor Publication 2014-08-12
Vendor Microsoft Last vendor Modification 2015-06-17
Severity (Vendor) Critical Revision 1.4

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Cvss Base Score 9.3 Attack Range Network
Cvss Impact Score 10 Attack Complexity Medium
Cvss Expoit Score 8.6 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Severity Rating: Critical
Revision Note: V1.4 (June 17, 2015): Replaced CVE number CVE-2014-4078 with CVE number CVE-2014-8985. This is an informational change only. The CVE description was not changed. Customers who have already successfully installed the update do not need to take any action.
Summary: This security update resolves one publicly disclosed and twenty-five privately reported vulnerabilities in Internet Explorer. The most severe of these vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.

Original Source

Url : https://technet.microsoft.com/en-us/library/security/MS14-051

CWE : Common Weakness Enumeration

% Id Name
93 % CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
7 % CWE-264 Permissions, Privileges, and Access Controls

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:25954
 
Oval ID: oval:org.mitre.oval:def:25954
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-2823 (MS14-051)
Description: Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2810, CVE-2014-2811, CVE-2014-2822, and CVE-2014-4057.
Family: windows Class: vulnerability
Reference(s): CVE-2014-2823
 Version: 3
Platform(s): Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012 R2
Microsoft Windows 7
Microsoft Windows 8.1
 Product(s): Microsoft Internet Explorer 11
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25962
 
Oval ID: oval:org.mitre.oval:def:25962
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-2808 (MS14-051)
Description: Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2796, CVE-2014-2825, CVE-2014-4050, CVE-2014-4055, and CVE-2014-4067.
Family: windows Class: vulnerability
Reference(s): CVE-2014-2808
 Version: 3
Platform(s): Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows 8.1
 Product(s): Microsoft Internet Explorer 10
Microsoft Internet Explorer 11
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25997
 
Oval ID: oval:org.mitre.oval:def:25997
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-2820 (MS14-051)
Description: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2774, CVE-2014-2826, CVE-2014-2827, and CVE-2014-4063.
Family: windows Class: vulnerability
Reference(s): CVE-2014-2820
 Version: 3
Platform(s): Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows 8.1
 Product(s): Microsoft Internet Explorer 6
Microsoft Internet Explorer 7
Microsoft Internet Explorer 8
Microsoft Internet Explorer 9
Microsoft Internet Explorer 10
Microsoft Internet Explorer 11
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26001
 
Oval ID: oval:org.mitre.oval:def:26001
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-2811 (MS14-051)
Description: Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2810, CVE-2014-2822, CVE-2014-2823, and CVE-2014-4057.
Family: windows Class: vulnerability
Reference(s): CVE-2014-2811
 Version: 3
Platform(s): Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012 R2
Microsoft Windows 7
Microsoft Windows 8.1
 Product(s): Microsoft Internet Explorer 11
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26043
 
Oval ID: oval:org.mitre.oval:def:26043
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-2824 (MS14-051)
Description: Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2014-2824
 Version: 3
Platform(s): Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows 7
 Product(s): Microsoft Internet Explorer 8
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26073
 
Oval ID: oval:org.mitre.oval:def:26073
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-4057 (MS14-051)
Description: Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2810, CVE-2014-2811, CVE-2014-2822, and CVE-2014-2823.
Family: windows Class: vulnerability
Reference(s): CVE-2014-4057
 Version: 3
Platform(s): Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012 R2
Microsoft Windows 7
Microsoft Windows 8.1
 Product(s): Microsoft Internet Explorer 11
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26092
 
Oval ID: oval:org.mitre.oval:def:26092
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-4051 (MS14-051)
Description: Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2784.
Family: windows Class: vulnerability
Reference(s): CVE-2014-4051
 Version: 3
Platform(s): Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows 8.1
 Product(s): Microsoft Internet Explorer 8
Microsoft Internet Explorer 9
Microsoft Internet Explorer 10
Microsoft Internet Explorer 11
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26109
 
Oval ID: oval:org.mitre.oval:def:26109
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-2827 (MS14-051)
Description: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2774, CVE-2014-2820, CVE-2014-2826, and CVE-2014-4063.
Family: windows Class: vulnerability
Reference(s): CVE-2014-2827
 Version: 3
Platform(s): Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows 8.1
 Product(s): Microsoft Internet Explorer 6
Microsoft Internet Explorer 7
Microsoft Internet Explorer 8
Microsoft Internet Explorer 9
Microsoft Internet Explorer 10
Microsoft Internet Explorer 11
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26120
 
Oval ID: oval:org.mitre.oval:def:26120
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-4063 (MS14-051)
Description: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2774, CVE-2014-2820, CVE-2014-2826, and CVE-2014-2827.
Family: windows Class: vulnerability
Reference(s): CVE-2014-4063
 Version: 3
Platform(s): Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows 8.1
 Product(s): Microsoft Internet Explorer 6
Microsoft Internet Explorer 7
Microsoft Internet Explorer 8
Microsoft Internet Explorer 9
Microsoft Internet Explorer 10
Microsoft Internet Explorer 11
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26121
 
Oval ID: oval:org.mitre.oval:def:26121
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-2826 (MS14-051)
Description: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2774, CVE-2014-2820, CVE-2014-2827, and CVE-2014-4063.
Family: windows Class: vulnerability
Reference(s): CVE-2014-2826
 Version: 3
Platform(s): Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows 8.1
 Product(s): Microsoft Internet Explorer 6
Microsoft Internet Explorer 7
Microsoft Internet Explorer 8
Microsoft Internet Explorer 9
Microsoft Internet Explorer 10
Microsoft Internet Explorer 11
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26127
 
Oval ID: oval:org.mitre.oval:def:26127
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-4067 (MS14-051)
Description: Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2796, CVE-2014-2808, CVE-2014-2825, CVE-2014-4050, and CVE-2014-4055.
Family: windows Class: vulnerability
Reference(s): CVE-2014-4067
 Version: 3
Platform(s): Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows 8.1
 Product(s): Microsoft Internet Explorer 10
Microsoft Internet Explorer 11
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26158
 
Oval ID: oval:org.mitre.oval:def:26158
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-2825 (MS14-051)
Description: Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2796, CVE-2014-2808, CVE-2014-4050, CVE-2014-4055, and CVE-2014-4067.
Family: windows Class: vulnerability
Reference(s): CVE-2014-2825
 Version: 3
Platform(s): Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows 8.1
 Product(s): Microsoft Internet Explorer 10
Microsoft Internet Explorer 11
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26164
 
Oval ID: oval:org.mitre.oval:def:26164
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-4055 (MS14-051)
Description: Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2796, CVE-2014-2808, CVE-2014-2825, CVE-2014-4050, and CVE-2014-4067.
Family: windows Class: vulnerability
Reference(s): CVE-2014-4055
 Version: 3
Platform(s): Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows 8.1
 Product(s): Microsoft Internet Explorer 10
Microsoft Internet Explorer 11
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26227
 
Oval ID: oval:org.mitre.oval:def:26227
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-2796 (MS14-051)
Description: Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2808, CVE-2014-2825, CVE-2014-4050, CVE-2014-4055, and CVE-2014-4067.
Family: windows Class: vulnerability
Reference(s): CVE-2014-2796
 Version: 3
Platform(s): Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows 8.1
 Product(s): Microsoft Internet Explorer 10
Microsoft Internet Explorer 11
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26288
 
Oval ID: oval:org.mitre.oval:def:26288
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-4050 (MS14-051)
Description: Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2796, CVE-2014-2808, CVE-2014-2825, CVE-2014-4055, and CVE-2014-4067.
Family: windows Class: vulnerability
Reference(s): CVE-2014-4050
 Version: 3
Platform(s): Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows 8.1
 Product(s): Microsoft Internet Explorer 10
Microsoft Internet Explorer 11
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26305
 
Oval ID: oval:org.mitre.oval:def:26305
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-2819 (MS14-051)
Description: Microsoft Internet Explorer 7 through 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2014-2819
 Version: 3
Platform(s): Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows 8.1
 Product(s): Microsoft Internet Explorer 7
Microsoft Internet Explorer 8
Microsoft Internet Explorer 9
Microsoft Internet Explorer 10
Microsoft Internet Explorer 11
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26306
 
Oval ID: oval:org.mitre.oval:def:26306
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-2817 (MS14-051)
Description: Microsoft Internet Explorer 6 through 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2014-2817
 Version: 3
Platform(s): Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows 8.1
 Product(s): Microsoft Internet Explorer 6
Microsoft Internet Explorer 7
Microsoft Internet Explorer 8
Microsoft Internet Explorer 9
Microsoft Internet Explorer 10
Microsoft Internet Explorer 11
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26321
 
Oval ID: oval:org.mitre.oval:def:26321
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-4052 (MS14-051)
Description: Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2014-4052
 Version: 3
Platform(s): Microsoft Windows Vista
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows 7
Microsoft Windows 8
 Product(s): Microsoft Internet Explorer 9
Microsoft Internet Explorer 10
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26358
 
Oval ID: oval:org.mitre.oval:def:26358
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-2821 (MS14-051)
Description: Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2014-2821
 Version: 3
Platform(s): Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows 7
 Product(s): Microsoft Internet Explorer 8
Microsoft Internet Explorer 9
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26394
 
Oval ID: oval:org.mitre.oval:def:26394
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-4058 (MS14-051)
Description: Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2014-4058
 Version: 3
Platform(s): Microsoft Windows Vista
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows 8.1
 Product(s): Microsoft Internet Explorer 9
Microsoft Internet Explorer 10
Microsoft Internet Explorer 11
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26398
 
Oval ID: oval:org.mitre.oval:def:26398
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-2822 (MS14-051)
Description: Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2810, CVE-2014-2811, CVE-2014-2823, and CVE-2014-4057.
Family: windows Class: vulnerability
Reference(s): CVE-2014-2822
 Version: 3
Platform(s): Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012 R2
Microsoft Windows 7
Microsoft Windows 8.1
 Product(s): Microsoft Internet Explorer 11
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26399
 
Oval ID: oval:org.mitre.oval:def:26399
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-2810 (MS14-051)
Description: Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2811, CVE-2014-2822, CVE-2014-2823, and CVE-2014-4057.
Family: windows Class: vulnerability
Reference(s): CVE-2014-2810
 Version: 3
Platform(s): Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012 R2
Microsoft Windows 7
Microsoft Windows 8.1
 Product(s): Microsoft Internet Explorer 11
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26400
 
Oval ID: oval:org.mitre.oval:def:26400
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-2784 (MS14-051)
Description: Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-4051.
Family: windows Class: vulnerability
Reference(s): CVE-2014-2784
 Version: 3
Platform(s): Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows 8.1
 Product(s): Microsoft Internet Explorer 8
Microsoft Internet Explorer 9
Microsoft Internet Explorer 10
Microsoft Internet Explorer 11
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26452
 
Oval ID: oval:org.mitre.oval:def:26452
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-2818 (MS14-051)
Description: Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2014-2818
 Version: 3
Platform(s): Microsoft Windows Server 2008 R2
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows Server 2012
 Product(s): Microsoft Internet Explorer 10
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26467
 
Oval ID: oval:org.mitre.oval:def:26467
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-2774 (MS14-051)
Description: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2820, CVE-2014-2826, CVE-2014-2827, and CVE-2014-4063.
Family: windows Class: vulnerability
Reference(s): CVE-2014-2774
 Version: 3
Platform(s): Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows 8.1
 Product(s): Microsoft Internet Explorer 6
Microsoft Internet Explorer 7
Microsoft Internet Explorer 8
Microsoft Internet Explorer 9
Microsoft Internet Explorer 10
Microsoft Internet Explorer 11
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26479
 
Oval ID: oval:org.mitre.oval:def:26479
Title: Internet Explorer Memory Corruption Vulnerability - CVE-2014-4056 (MS14-051)
Description: Microsoft Internet Explorer 7 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2014-4056
 Version: 3
Platform(s): Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows 7
Microsoft Windows 8
 Product(s): Microsoft Internet Explorer 7
Microsoft Internet Explorer 8
Microsoft Internet Explorer 9
Microsoft Internet Explorer 10
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27909
 
Oval ID: oval:org.mitre.oval:def:27909
Title: IIS Security feature bypass vulnerability - CVE-2014-4078 (MS14-076)
Description: The IP Security feature in Microsoft Internet Information Services (IIS) 8.0 and 8.5 does not properly process wildcard allow and deny rules for domains within the "IP Address and Domain Restrictions" list, which makes it easier for remote attackers to bypass an intended rule set via an HTTP request, aka "IIS Security Feature Bypass Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2014-4078
 Version: 3
Platform(s): Microsoft Windows 8
Microsoft Windows Server 2012
Microsoft Windows 8.1
Microsoft Windows Server 2012 R2
 Product(s): Microsoft Internet Information Services 8.0
Microsoft Internet Information Services 8.5
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 7
Application 2

Information Assurance Vulnerability Management (IAVM)

Date Description
2014-11-13 IAVM : 2014-B-0146 - Vulnerability in Microsoft Internet Information Services (IIS)
Severity : Category II - VMSKEY : V0057359

Snort® IPS/IDS

Date Description
2019-06-04 Microsoft Internet Explorer cdomuievent use after free attempt
RuleID : 49989 - Revision : 2 - Type : BROWSER-IE
2019-06-04 Microsoft Internet Explorer cdomuievent use after free attempt
RuleID : 49988 - Revision : 2 - Type : BROWSER-IE
2019-03-14 Microsoft Internet Explorer HtmlLayout styling use after free attempt
RuleID : 49187 - Revision : 1 - Type : BROWSER-IE
2019-03-14 Microsoft Internet Explorer HtmlLayout styling use after free attempt
RuleID : 49186 - Revision : 1 - Type : BROWSER-IE
2014-11-25 Microsoft Internet Explorer onreadystatechange use after free attempt
RuleID : 32318 - Revision : 2 - Type : BROWSER-IE
2014-11-25 Microsoft Internet Explorer onreadystatechange use after free attempt
RuleID : 32317 - Revision : 2 - Type : BROWSER-IE
2014-11-16 Microsoft Internet Explorer margin overflow use after free attempt
RuleID : 31635 - Revision : 3 - Type : BROWSER-IE
2014-11-16 Microsoft Internet Explorer margin overflow use after free attempt
RuleID : 31634 - Revision : 3 - Type : BROWSER-IE
2014-11-16 Microsoft Internet Explorer CMarkup insertMarquee use after free attempt
RuleID : 31630 - Revision : 3 - Type : BROWSER-IE
2014-11-16 Microsoft Internet Explorer CMarkup insertMarquee use after free attempt
RuleID : 31629 - Revision : 3 - Type : BROWSER-IE
2014-11-16 Microsoft Internet Explorer cdomuievent use after free attempt
RuleID : 31628 - Revision : 4 - Type : BROWSER-IE
2014-11-16 Microsoft Internet Explorer cdomuievent use after free attempt
RuleID : 31627 - Revision : 4 - Type : BROWSER-IE
2014-11-16 Microsoft Internet Explorer Use after free attempt
RuleID : 31626 - Revision : 2 - Type : BROWSER-IE
2014-11-16 Microsoft Internet Explorer Use after free attempt
RuleID : 31625 - Revision : 2 - Type : BROWSER-IE
2014-11-16 Microsoft Internet Explorer onreadystatechange use after free attempt
RuleID : 31622 - Revision : 2 - Type : BROWSER-IE
2014-11-16 Microsoft Internet Explorer onreadystatechange use after free attempt
RuleID : 31621 - Revision : 2 - Type : BROWSER-IE
2014-11-16 Microsoft Internet Explorer kbd element use-after-free attempt
RuleID : 31620 - Revision : 2 - Type : BROWSER-IE
2014-11-16 Microsoft Internet Explorer kbd element use-after-free attempt
RuleID : 31619 - Revision : 2 - Type : BROWSER-IE

Nessus® Vulnerability Scanner

Date Description
2014-11-12 Name : The remote Windows host is affected by a security feature bypass vulnerability.
File : smb_nt_ms14-076.nasl - Type : ACT_GATHER_INFO
2014-08-12 Name : The remote host has a web browser that is affected by multiple vulnerabilities.
File : smb_nt_ms14-051.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
Date Informations
2018-02-09 05:20:37
  • Multiple Updates
2017-06-28 05:23:19
  • Multiple Updates
2015-06-18 05:28:57
  • Multiple Updates
2015-06-18 05:16:15
  • Multiple Updates
2015-06-04 05:33:45
  • Multiple Updates
2015-06-04 05:15:42
  • Multiple Updates
2014-12-20 00:26:19
  • Multiple Updates
2014-12-20 00:15:53
  • Multiple Updates
2014-11-25 21:26:40
  • Multiple Updates
2014-11-16 21:25:26
  • Multiple Updates
2014-10-09 05:33:43
  • Multiple Updates
2014-10-09 05:21:51
  • Multiple Updates
2014-08-13 21:28:42
  • Multiple Updates
2014-08-13 13:25:00
  • Multiple Updates
2014-08-13 05:25:48
  • Multiple Updates
2014-08-12 21:29:09
  • Multiple Updates
2014-08-12 21:18:11
  • First insertion