Lucene search

K

[email protected]NVD:CVE-2014-1762

HistoryApr 27, 2014 - 10:55 a.m.

CVE-2014-1762

2014-04-2710:55:03

[email protected]

web.nvd.nist.gov

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.6 High

AI Score

Confidence

Low

0.828 High

EPSS

Percentile

98.4%

Unspecified vulnerability in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code with medium-integrity privileges and bypass a sandbox protection mechanism via unknown vectors, as demonstrated by ZDI during a Pwn4Fun competition at CanSecWest 2014.

Affected configurations

NVD

Node

microsoftinternet_explorerMatch6

OR

microsoftinternet_explorerMatch7

OR

microsoftinternet_explorerMatch8

OR

microsoftinternet_explorerMatch9

OR

microsoftinternet_explorerMatch10

OR

microsoftinternet_explorerMatch11-

References

twitter.com/thezdi/statuses/443810610958958592

www.pwn2own.com/2014/03/pwn2own-results-for-wednesday-day-one/

www.securityfocus.com/bid/67511

www.securitytracker.com/id/1030370

docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-035

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.6 High

AI Score

Confidence

Low

0.828 High

EPSS

Percentile

98.4%

Related for NVD:CVE-2014-1762

zdi2 checkpoint_advisories1 prion1 cvelist1 cve1 openvas1 kaspersky1 nessus1 mskb1 securityvulns1