CVE-2014-1776

Known exploited
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors related to the CMarkup::IsConnectedToPrimaryMarkup function, as exploited in the wild in April 2014. NOTE: this issue originally emphasized VGX.DLL, but Microsoft clarified that "VGX.DLL does not contain the vulnerable code leveraged in this exploit. Disabling VGX.DLL is an exploit-specific workaround that provides an immediate, effective workaround to help block known attacks."
Max CVSS
10.0
EPSS Score
96.77%
Published
2014-04-27
Updated
2018-10-12
CISA KEV Added
2022-01-28
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, as demonstrated by Sebastian Apelt and Andreas Schmidt during a Pwn2Own competition at CanSecWest 2014. NOTE: the original disclosure referred to triggering a kernel bug with the Internet Explorer exploit payload, but this ID is not for a kernel vulnerability.
Max CVSS
9.3
EPSS Score
14.87%
Published
2014-04-27
Updated
2020-07-28
Multiple use-after-free vulnerabilities in Microsoft Internet Explorer 6 through 11 allow remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by Sebastian Apelt and Andreas Schmidt during a Pwn2Own competition at CanSecWest 2014.
Max CVSS
7.6
EPSS Score
88.83%
Published
2014-04-27
Updated
2018-10-12
Use-after-free vulnerability in Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code and bypass a sandbox protection mechanism via unspecified vectors, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2014.
Max CVSS
10.0
EPSS Score
27.19%
Published
2014-04-27
Updated
2018-10-12
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
Max CVSS
9.3
EPSS Score
81.60%
Published
2014-04-08
Updated
2018-10-12
Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0235 and CVE-2014-1751.
Max CVSS
9.3
EPSS Score
89.45%
Published
2014-04-08
Updated
2018-10-12
Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
Max CVSS
9.3
EPSS Score
81.60%
Published
2014-04-08
Updated
2018-10-12
Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
Max CVSS
9.3
EPSS Score
89.45%
Published
2014-04-08
Updated
2018-10-12
Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0235 and CVE-2014-1755.
Max CVSS
9.3
EPSS Score
89.45%
Published
2014-04-08
Updated
2018-10-12
9 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!