Executive Summary
Summary | |
---|---|
Title | Microsoft Internet Explorer CMarkup use-after-free vulnerability |
Informations | |||
---|---|---|---|
Name | VU#222929 | First vendor Publication | 2014-04-27 |
Vendor | VU-CERT | Last vendor Modification | 2014-05-07 |
Severity (Vendor) | N/A | Revision | M |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 10 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Vulnerability Note VU#222929Microsoft Internet Explorer CMarkup use-after-free vulnerabilityOverviewMicrosoft Internet Explorer contains a use-after-free vulnerability, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description
Impact
Solution
Vendor Information (Learn More)
CVSS Metrics (Learn More)
References
CreditThis vulnerability was publicly reported by FireEye This document was written by Will Dormann. Other Information
FeedbackIf you have feedback, comments, or additional information about this vulnerability, please send us email. |
Original Source
Url : http://www.kb.cert.org/vuls/id/222929 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-416 | Use After Free |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:24704 | |||
Oval ID: | oval:org.mitre.oval:def:24704 | ||
Title: | Internet Explorer Memory corruption vulnerability (CVE-2014-1776) - MS14-021 | ||
Description: | Use-after-free vulnerability in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors related to the CMarkup::IsConnectedToPrimaryMarkup function, as exploited in the wild in April 2014. NOTE: this issue originally emphasized VGX.DLL, but Microsoft clarified that "VGX.DLL does not contain the vulnerable code leveraged in this exploit. Disabling VGX.DLL is an exploit-specific workaround that provides an immediate, effective workaround to help block known attacks." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-1776 | Version: | 6 |
Platform(s): | Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 | Product(s): | Microsoft Internet Explorer 6 Microsoft Internet Explorer 7 Microsoft Internet Explorer 8 Microsoft Internet Explorer 9 Microsoft Internet Explorer 10 Microsoft Internet Explorer 11 |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
Information Assurance Vulnerability Management (IAVM)
Date | Description |
---|---|
2014-05-01 | IAVM : 2014-A-0065 - Microsoft Internet Explorer Memory Corruption Vulnerability Severity : Category I - VMSKEY : V0050205 |
Snort® IPS/IDS
Date | Description |
---|---|
2019-05-26 | Microsoft Internet Explorer VML use after free attempt RuleID : 49940 - Revision : 2 - Type : BROWSER-IE |
2014-12-02 | Microsoft Internet Explorer VML use after free attempt RuleID : 32363 - Revision : 3 - Type : BROWSER-IE |
2014-12-02 | Microsoft Internet Explorer VML use after free attempt RuleID : 32362 - Revision : 3 - Type : BROWSER-IE |
2014-06-07 | known malicious flash actionscript decryption routine RuleID : 30901 - Revision : 3 - Type : FILE-FLASH |
2014-05-31 | Microsoft Internet Explorer VML use after free attempt RuleID : 30895 - Revision : 4 - Type : BROWSER-IE |
2014-05-31 | Microsoft Internet Explorer VML use after free attempt RuleID : 30894 - Revision : 4 - Type : BROWSER-IE |
2014-05-31 | Microsoft Internet Explorer VML use after free attempt RuleID : 30893 - Revision : 3 - Type : BROWSER-IE |
2014-05-31 | Microsoft Internet Explorer VML use after free attempt RuleID : 30892 - Revision : 3 - Type : BROWSER-IE |
2014-05-28 | Microsoft Internet Explorer VML use after free attempt RuleID : 30803 - Revision : 6 - Type : BROWSER-IE |
2014-05-28 | Microsoft Internet Explorer VML use after free attempt RuleID : 30794 - Revision : 7 - Type : BROWSER-IE |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2014-05-01 | Name : The remote host has a web browser that is affected by a memory corruption vul... File : smb_nt_ms14-021.nasl - Type : ACT_GATHER_INFO |
2014-04-28 | Name : The remote host is affected by a remote code execution vulnerability. File : smb_kb2963983.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-05-07 21:22:49 |
|
2014-05-07 00:28:19 |
|
2014-05-02 17:20:05 |
|
2014-05-02 13:24:14 |
|
2014-05-02 00:18:32 |
|
2014-05-01 21:19:25 |
|
2014-05-01 17:18:22 |
|
2014-04-30 21:19:12 |
|
2014-04-30 17:17:55 |
|
2014-04-30 00:18:08 |
|
2014-04-29 13:21:18 |
|
2014-04-28 21:25:35 |
|
2014-04-28 21:20:09 |
|
2014-04-28 00:18:14 |
|
2014-04-27 17:22:33 |
|
2014-04-27 17:18:16 |
|