Microsoft : Security Vulnerabilities, CVEs, Published In May 2014 (Memory corruption)

CVE-2014-3802

msdia.dll in Microsoft Debug Interface Access (DIA) SDK, as distributed in Microsoft Visual Studio before 2013, does not properly validate an unspecified variable before use in calculating a dynamic-call address, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted PDB file.
Max CVSS
6.8
EPSS Score
15.35%
Published
2014-05-20
Updated
2016-09-09

CVE-2014-1815

Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, as exploited in the wild in May 2014, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0310.
Max CVSS
9.3
EPSS Score
96.04%
Published
2014-05-14
Updated
2018-10-12

CVE-2014-1770

Use-after-free vulnerability in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code via crafted JavaScript code that interacts improperly with a CollectGarbage function call on a CMarkup object allocated by the CMarkup::CreateInitialMarkup function.
Max CVSS
9.3
EPSS Score
46.66%
Published
2014-05-22
Updated
2018-10-12

CVE-2014-0310

Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-1815.
Max CVSS
9.3
EPSS Score
81.60%
Published
2014-05-14
Updated
2018-10-12
4 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close