7 matches found
Internet Explorer EPM sandbox out vulnerability analysis CVE-2 0 1 4-6 3 5 0-a vulnerability warning-the black bar safety net
0x00 Preface Author: James Forshaw Original: link This month Microsoft fixed 3 different IE enhanced protected mode EPM sandbox out of vulnerabilities by me the original author, the same below)at 8 months of disclosure. The Sandbox is Project Zero I also participated in the most major concern the...
Internet Explorer EPM Sandbox Escape CVE-2014-6350
Posted by James Forshaw This month Microsoft fixed 3 different Internet Explorer Enhanced Protected Mode EPM sandbox escapes which I disclosed in August. Sandboxes are one of the main areas of interest for Project Zero and me in particular as they are choke points for an attacker successfully...
Microsoft Internet Explorer Multiple Vulnerabilities (3003057)
This host is missing a critical security update according to Microsoft Bulletin MS14-065. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
CVE-2014-6350
Microsoft Internet Explorer 10 and 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability," a different vulnerability than CVE-2014-6349...
CVE-2014-6350
CVE-2014-6350 affects Microsoft Internet Explorer 10/11 in Enhanced Protected Mode, enabling sandbox escape via a memory-disclosure/IPC weakness in the IE broker and Free Threaded Marshaler (FTM). The exploit chain described by Project Zero and related writeups shows how an attacker could read br...
Microsoft Internet Explorer Elevation of Privilege (MS14-065: CVE-2014-6350)
An elevation of privilege vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer validates permissions under specific conditions, potentially allowing script to be run with elevated privileges...
Microsoft Internet Explorer CVE-2014-6350 Remote Privilege Escalation Vulnerability
Description Microsoft Internet Explorer is prone to a remote privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges. Successful exploits may aid in further attacks. Internet Explorer 10, and 11 are vulnerable. Technologies Affected Avaya Aura Conferenci...