Lucene search
K

7 matches found

myhack58
myhack58
added 2014/12/04 12:0 a.m.15 views

Internet Explorer EPM sandbox out vulnerability analysis CVE-2 0 1 4-6 3 5 0-a vulnerability warning-the black bar safety net

0x00 Preface Author: James Forshaw Original: link This month Microsoft fixed 3 different IE enhanced protected mode EPM sandbox out of vulnerabilities by me the original author, the same below)at 8 months of disclosure. The Sandbox is Project Zero I also participated in the most major concern the...

7.5AI score
Exploits0
GoogleProjectZero
GoogleProjectZero
added 2014/12/01 12:0 a.m.54 views

Internet Explorer EPM Sandbox Escape CVE-2014-6350

Posted by James Forshaw This month Microsoft fixed 3 different Internet Explorer Enhanced Protected Mode EPM sandbox escapes which I disclosed in August. Sandboxes are one of the main areas of interest for Project Zero and me in particular as they are choke points for an attacker successfully...

4.3CVSS8.9AI score0.20558EPSS
Exploits0
OpenVAS
OpenVAS
added 2014/11/12 12:0 a.m.53 views

Microsoft Internet Explorer Multiple Vulnerabilities (3003057)

This host is missing a critical security update according to Microsoft Bulletin MS14-065. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

9.3CVSS5AI score0.30213EPSS
Exploits0References19
NVD
NVD
added 2014/11/11 10:55 p.m.24 views

CVE-2014-6350

Microsoft Internet Explorer 10 and 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability," a different vulnerability than CVE-2014-6349...

4.3CVSS6.6AI score0.20558EPSS
Exploits0References3
CVE
CVE
added 2014/11/11 10:0 p.m.84 views

CVE-2014-6350

CVE-2014-6350 affects Microsoft Internet Explorer 10/11 in Enhanced Protected Mode, enabling sandbox escape via a memory-disclosure/IPC weakness in the IE broker and Free Threaded Marshaler (FTM). The exploit chain described by Project Zero and related writeups shows how an attacker could read br...

4.3CVSS6.7AI score0.20558EPSS
Exploits0References3Affected Software1
Check Point Advisories
Check Point Advisories
added 2014/11/11 12:0 a.m.5 views

Microsoft Internet Explorer Elevation of Privilege (MS14-065: CVE-2014-6350)

An elevation of privilege vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer validates permissions under specific conditions, potentially allowing script to be run with elevated privileges...

4.3CVSS6.3AI score0.20558EPSS
Exploits0
Symantec
Symantec
added 2014/11/11 12:0 a.m.40 views

Microsoft Internet Explorer CVE-2014-6350 Remote Privilege Escalation Vulnerability

Description Microsoft Internet Explorer is prone to a remote privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges. Successful exploits may aid in further attacks. Internet Explorer 10, and 11 are vulnerable. Technologies Affected Avaya Aura Conferenci...

4.3CVSS9.5AI score0.20558EPSS
Exploits0Affected Software2
Rows per page
Query Builder