4.3
CVE-2014-0268
- EPSS 22.45%
- Veröffentlicht 12.02.2014 04:50:40
- Zuletzt bearbeitet 29.04.2026 01:13:23
- Quelle secure@microsoft.com
- CVE-Watchlists
- Unerledigt
Microsoft Internet Explorer 8 through 11 does not properly restrict file installation and registry-key creation, which allows remote attackers to bypass the Mandatory Integrity Control protection mechanism via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability."
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Microsoft ≫ Internet Explorer Version8
Microsoft ≫ Internet Explorer Version9
Microsoft ≫ Internet Explorer Version10
Microsoft ≫ Internet Explorer Version11 Update-
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 22.45% | 0.974 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.3 | 8.6 | 2.9 |
AV:N/AC:M/Au:N/C:N/I:P/A:N
|
http://secunia.com/advisories/56796
http://www.securitytracker.com/id/1029741
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-010
http://osvdb.org/103165
http://www.securityfocus.com/bid/65392
https://exchange.xforce.ibmcloud.com/vulnerabilities/90756