Microsoft Internet Explorer Cross-Domain Execute Arbitrary Code Vulnerabilities

Summary

Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka ‘Internet Explorer Memory Corruption Vulnerability.’

Credit:

The information has been provided by Cloudfuzzer, working with HP’s Zero Day Initiative .


Details

Vulnerable Systems:
 * Microsoft Internet Explorer 11

Microsoft Internet Explorer could allow a remote attacker to execute arbitrary code on the system, caused by improperly accessing an object in memory. By persuading a victim to visit a specially-crafted Web site, an attacker could exploit this vulnerability to corrupt memory and execute arbitrary code on the system with the privileges of the victim.

CVE Information:
CVE-2014-6347

Disclosure Timeline:
Original release date: 11/11/2014
Last revised: 12/30/2014

Categories: Windows