Microsoft Internet Explorer Execute Arbitrary Code Remote Memory Corruption Vulnerabilities

Summary

Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka ‘Internet Explorer Memory Corruption Vulnerability.’

Credit:

The information has been provided by Jason Kratzer, working with HP’s Zero Day Initiative .


Details

Vulnerable Systems:
 * Microsoft Internet Explorer 8 and 9

Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions.

CVE Information:
CVE-2014-6344

Disclosure Timeline:
Original release date: 11/11/2014
Last revised: 12/30/2014

Categories: Windows