Executive Summary
Summary | |
---|---|
Title | Internet Explorer CMarkup use-after-free vulnerability |
Informations | |||
---|---|---|---|
Name | VU#732479 | First vendor Publication | 2014-02-14 |
Vendor | VU-CERT | Last vendor Modification | 2014-02-19 |
Severity (Vendor) | N/A | Revision | M |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 9.3 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Vulnerability Note VU#732479Internet Explorer CMarkup use-after-free vulnerabilityOverviewMicrosoft Internet Explorer contains a use-after-free vulnerability in the MSHTML CMarkup component, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description
Impact
Solution
Vendor Information (Learn More)
CVSS Metrics (Learn More)
References
CreditThis vulnerability was publicly reported by FireEye. This document was written by Will Dormann. Other Information
FeedbackIf you have feedback, comments, or additional information about this vulnerability, please send us email. |
Original Source
Url : http://www.kb.cert.org/vuls/id/732479 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-416 | Use After Free |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:22660 | |||
Oval ID: | oval:org.mitre.oval:def:22660 | ||
Title: | Internet Explorer Memory Corruption Vulnerability (CVE-2014-0322) - MS14-012 | ||
Description: | Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code via vectors involving crafted JavaScript code, CMarkup, and the onpropertychange attribute of a script element, as exploited in the wild in January and February 2014. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-0322 | Version: | 6 |
Platform(s): | Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows 7 Microsoft Windows 8 | Product(s): | Microsoft Internet Explorer 9 Microsoft Internet Explorer 10 |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 2 |
SAINT Exploits
Description | Link |
---|---|
Internet Explorer CMarkup Object Handling Use-after-free Vulnerability | More info here |
ExploitDB Exploits
id | Description |
---|---|
2014-04-16 | MS14-012 Microsoft Internet Explorer CMarkup Use-After-Free |
2014-04-14 | MS14-012 Internet Explorer CMarkup Use-After-Free |
Information Assurance Vulnerability Management (IAVM)
Date | Description |
---|---|
2014-03-13 | IAVM : 2014-A-0037 - Cumulative Security Update for Microsoft Internet Explorer Severity : Category I - VMSKEY : V0046163 |
Snort® IPS/IDS
Date | Description |
---|---|
2016-06-01 | Microsoft Internet Explorer onpropertychange use-after-free attempt RuleID : 38670 - Revision : 2 - Type : BROWSER-IE |
2016-06-01 | Microsoft Internet Explorer onpropertychange use-after-free attempt RuleID : 38669 - Revision : 2 - Type : BROWSER-IE |
2015-02-18 | Microsoft Internet Explorer 10 use after free attempt RuleID : 33086 - Revision : 5 - Type : BROWSER-IE |
2015-02-18 | Microsoft Internet Explorer 10 use after free attempt RuleID : 33085 - Revision : 5 - Type : BROWSER-IE |
2014-04-10 | Microsoft Internet Explorer 10 use after free attempt RuleID : 30107 - Revision : 5 - Type : BROWSER-IE |
2014-04-10 | Microsoft Internet Explorer 10 use after free attempt RuleID : 30106 - Revision : 5 - Type : BROWSER-IE |
2014-03-16 | Microsoft Internet Explorer 10 use after free attempt RuleID : 29820 - Revision : 7 - Type : BROWSER-IE |
2014-03-16 | Microsoft Internet Explorer 10 use after free attempt RuleID : 29819 - Revision : 7 - Type : BROWSER-IE |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2014-03-11 | Name : The remote host has a web browser that is affected by multiple vulnerabilities. File : smb_nt_ms14-012.nasl - Type : ACT_GATHER_INFO |
2014-02-20 | Name : The remote host is affected by a remote code execution vulnerability. File : smb_kb2934088.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2015-04-09 13:29:17 |
|
2014-02-21 13:21:13 |
|
2014-02-20 05:24:15 |
|
2014-02-19 21:19:31 |
|
2014-02-19 17:18:19 |
|
2014-02-18 21:25:10 |
|
2014-02-18 05:18:06 |
|
2014-02-16 21:19:03 |
|
2014-02-15 17:18:15 |
|
2014-02-15 00:18:16 |
|
2014-02-14 21:24:49 |
|
2014-02-14 21:19:12 |
|