Microsoft Internet Explorer Code Execution Vulnerabilities

Summary

Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka ‘Internet Explorer Memory Corruption Vulnerability,’

Credit:

The information has been provided by s3tm3m, working with HP’s Zero Day Initiative .


Details

Vulnerable Systems:
 * Microsoft Internet Explorer 6 through 11

Immune Systems:
 * Microsoft Internet Explorer after 11

Microsoft Internet Explorer could allow a remote attacker to execute arbitrary code on the system, caused by improperly accessing an object in memory. By persuading a victim to visit a specially-crafted Web site, an attacker could exploit this vulnerability to corrupt memory and execute arbitrary code on the system with the privileges of the victim.

CVE Information:
CVE-2014-4143

Disclosure Timeline:
Original release date: 11/11/2014
Last revised: 12/31/2014

Categories: Windows