Microsoft Internet Explorer ASLR Security Bypass Vulnerabilities

Summary

Microsoft Internet Explorer 8 and 9 allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka ‘Internet Explorer ASLR Bypass Vulnerability.’

Credit:

The information has been provided by Bo Qu of Palo Alto Networks .


Details

Vulnerable Systems:
 * Microsoft Internet Explorer 8 and 9

Immune Systems:
 * Microsoft Internet Explorer after 9

Microsoft Internet Explorer is prone to a security-bypass vulnerability. An attacker can leverage this issue to bypass certain security restrictions and execute arbitrary code by exploiting another vulnerability in the application.

CVE Information:
CVE-2014-6339

Disclosure Timeline:
Original release date: 11/11/2014
Last revised: 12/30/2014

Categories: Windows