2 matches found
VUPEN Security Research - Microsoft Internet Explorer "Request" Object Confusion Sandbox Bypass (Pwn2Own 2014)
VUPEN Security Research - Microsoft Internet Explorer "Request" Object Confusion Sandbox Bypass Pwn2Own 2014 Website : http://www.vupen.com Twitter : http://twitter.com/vupen I. BACKGROUND --------------------- "Microsoft Internet Explorer is a web browser developed by Microsoft and included as...
CVE-2014-1764
CVE-2014-1764 affects Microsoft Internet Explorer 7–11. The issue is an object confusion vulnerability in the data exchanged between the broker and sandboxed processes, allowing a sandboxed process to execute code in the broker context and bypass IE Protected Mode. This can lead to remote code ex...