10

CVE-2014-1776

Warnung
Exploit
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors related to the CMarkup::IsConnectedToPrimaryMarkup function, as exploited in the wild in April 2014.  NOTE: this issue originally emphasized VGX.DLL, but Microsoft clarified that "VGX.DLL does not contain the vulnerable code leveraged in this exploit. Disabling VGX.DLL is an exploit-specific workaround that provides an immediate, effective workaround to help block known attacks."
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
MicrosoftInternet Explorer Version6
   MicrosoftWindows Server 2003 Version- Updatesp2
   MicrosoftWindows Xp Version- Updatesp2 SwEditionprofessional HwPlatform-
   MicrosoftWindows Xp Version- Updatesp3
MicrosoftInternet Explorer Version7
   MicrosoftWindows Server 2003 Version- Updatesp2
   MicrosoftWindows Server 2008 Version- Updatesp2
   MicrosoftWindows Vista Version- Updatesp2
   MicrosoftWindows Xp Version- Updatesp2 SwEditionprofessional HwPlatform-
   MicrosoftWindows Xp Version- Updatesp3
MicrosoftInternet Explorer Version8
   MicrosoftWindows 7 Version- Updatesp1
   MicrosoftWindows Server 2003 Version- Updatesp2
   MicrosoftWindows Server 2008 Version- Updatesp2
   MicrosoftWindows Server 2008 Versionr2 Updatesp1
   MicrosoftWindows Vista Version- Updatesp2
   MicrosoftWindows Xp Version- Updatesp2 SwEditionprofessional HwPlatform-
   MicrosoftWindows Xp Version- Updatesp3
MicrosoftInternet Explorer Version9
   MicrosoftWindows 7 Version- Updatesp1
   MicrosoftWindows Server 2008 Version- Updatesp2
   MicrosoftWindows Server 2008 Versionr2 Updatesp1
   MicrosoftWindows Vista Version- Updatesp2
MicrosoftInternet Explorer Version10
   MicrosoftWindows 7 Version- Updatesp1
   MicrosoftWindows 8 Version-
   MicrosoftWindows Rt Version-
   MicrosoftWindows Server 2008 Versionr2 Updatesp1 HwPlatformx64
   MicrosoftWindows Server 2012 Version-
MicrosoftInternet Explorer Version11 Update-
   MicrosoftWindows 7 Version- Updatesp1
   MicrosoftWindows 8.1 Version-
   MicrosoftWindows Rt 8.1 Version-
   MicrosoftWindows Server 2008 Versionr2 Updatesp1 HwPlatformx64
   MicrosoftWindows Server 2012 Versionr2

28.01.2022: CISA Known Exploited Vulnerabilities (KEV) Catalog

Microsoft Internet Explorer Memory Corruption Vulnerability

Schwachstelle

Microsoft Internet Explorer contains a memory corruption vulnerability that allows remote attackers to execute code in the context of the current user.

Beschreibung

Apply updates per vendor instructions.

Erforderliche Maßnahmen
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 88.01% 0.997
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 10 10 10
AV:N/AC:L/Au:N/C:C/I:C/A:C
134c704f-9b21-4f2e-91b3-4a467353bcc0 9.8 3.9 5.9
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE-416 Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

http://blogs.technet.com/b/srd/archive/2014/04/30/protection-strategies-for-the-security-advisory-2963983-ie-0day.aspx
Broken Link
Mitigation
http://secunia.com/advisories/57908
Broken Link
http://securitytracker.com/id?1030154
Third Party Advisory
Broken Link
VDB Entry
http://www.fireeye.com/blog/uncategorized/2014/04/new-zero-day-exploit-targeting-internet-explorer-versions-9-through-11-identified-in-targeted-attacks.html
Broken Link
http://www.kb.cert.org/vuls/id/222929
Third Party Advisory
US Government Resource
Mitigation
http://www.osvdb.org/106311
Broken Link
http://www.securityfocus.com/bid/67075
Third Party Advisory
Broken Link
VDB Entry
http://www.signalsec.com/cve-2014-1776-ie-0day-analysis/
Third Party Advisory
Exploit
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-021
Patch
Vendor Advisory
https://technet.microsoft.com/library/security/2963983
Patch
Vendor Advisory
Mitigation
https://www.vicarius.io/vsociety/posts/cve-2014-1776-use-after-free-vulnerability-in-microsoft-internet-explorer-detection-script
Third Party Advisory
https://www.vicarius.io/vsociety/posts/cve-2014-1776-use-after-free-vulnerability-in-microsoft-internet-explorer-mitigation-scripts
Third Party Advisory
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2014-1776
US Government Resource