Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
symantecSymantec Security ResponseSMNTC-65392
HistoryFeb 11, 2014 - 12:00 a.m.

Microsoft Internet Explorer CVE-2014-0268 Remote Privilege Escalation Vulnerability

2014-02-1100:00:00
Symantec Security Response
www.symantec.com
7

0.019 Low

EPSS

Percentile

88.5%

JSON

Description

Microsoft Internet Explorer is prone to a remote privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges. Successful exploits may aid in further attacks.

Technologies Affected

  • Avaya CallPilot 4.0
  • Avaya CallPilot 4.0.1
  • Avaya CallPilot 5.0
  • Avaya CallPilot 5.0.1
  • Avaya CallPilot
  • Avaya Communication Server 1000 Telephony Manager 3.0
  • Avaya Communication Server 1000 Telephony Manager 3.0.1
  • Avaya Communication Server 1000 Telephony Manager 4.0
  • Avaya Communication Server 1000 Telephony Manager 4.0.1
  • Avaya Communication Server 1000 Telephony Manager
  • Avaya Conferencing Standard Edition 6.0
  • Avaya Conferencing Standard Edition 6.0 SP1
  • Avaya Conferencing Standard Edition 6.0.1
  • Avaya Conferencing Standard Edition 7.0
  • Avaya Meeting Exchange - Client Registration Server 5.0
  • Avaya Meeting Exchange - Client Registration Server 5.0.1
  • Avaya Meeting Exchange - Client Registration Server 5.2
  • Avaya Meeting Exchange - Client Registration Server 5.2.1
  • Avaya Meeting Exchange - Client Registration Server 6.0
  • Avaya Meeting Exchange - Client Registration Server 6.2
  • Avaya Meeting Exchange - Client Registration Server
  • Avaya Meeting Exchange - Recording Server 5.0
  • Avaya Meeting Exchange - Recording Server 5.0.1
  • Avaya Meeting Exchange - Recording Server 5.2
  • Avaya Meeting Exchange - Recording Server 5.2.1
  • Avaya Meeting Exchange - Recording Server 6.0
  • Avaya Meeting Exchange - Recording Server 6.2
  • Avaya Meeting Exchange - Recording Server
  • Avaya Meeting Exchange - Streaming Server 5.0
  • Avaya Meeting Exchange - Streaming Server 5.0
  • Avaya Meeting Exchange - Streaming Server 5.0.1
  • Avaya Meeting Exchange - Streaming Server 5.2
  • Avaya Meeting Exchange - Streaming Server 5.2.1
  • Avaya Meeting Exchange - Streaming Server 6.0
  • Avaya Meeting Exchange - Streaming Server 6.2
  • Avaya Meeting Exchange - Streaming Server
  • Avaya Meeting Exchange - Web Conferencing Server 5.0
  • Avaya Meeting Exchange - Web Conferencing Server 5.0.1
  • Avaya Meeting Exchange - Web Conferencing Server 5.2
  • Avaya Meeting Exchange - Web Conferencing Server 5.2.1
  • Avaya Meeting Exchange - Web Conferencing Server 6.0
  • Avaya Meeting Exchange - Web Conferencing Server 6.2
  • Avaya Meeting Exchange - Web Conferencing Server
  • Avaya Meeting Exchange - Webportal 5.0
  • Avaya Meeting Exchange - Webportal 5.0.1
  • Avaya Meeting Exchange - Webportal 5.2
  • Avaya Meeting Exchange - Webportal 5.2.1
  • Avaya Meeting Exchange - Webportal 6.0
  • Avaya Meeting Exchange - Webportal 6.2
  • Avaya Meeting Exchange - Webportal
  • Avaya Messaging Application Server 4
  • Avaya Messaging Application Server 5
  • Avaya Messaging Application Server 5.0
  • Avaya Messaging Application Server 5.0.1
  • Avaya Messaging Application Server 5.2
  • Avaya Messaging Application Server 5.2.1
  • Avaya Messaging Application Server
  • Avaya Messaging Application Server MM 1.1
  • Avaya Messaging Application Server MM 2.0
  • Avaya Messaging Application Server MM 3.0
  • Avaya Messaging Application Server MM 3.1
  • Microsoft Internet Explorer 10
  • Microsoft Internet Explorer 11
  • Microsoft Internet Explorer 8
  • Microsoft Internet Explorer 9

Recommendations

Block external access at the network boundary, unless external parties require service.
Filter access to the affected computer at the network boundary if global access isn’t needed. Restricting access to only trusted computers and networks might greatly reduce the likelihood of a successful exploit.

Run all software as a nonprivileged user with minimal access rights.
To reduce the impact of latent vulnerabilities, always run nonadministrative software as an unprivileged user with minimal access rights.

Deploy network intrusion detection systems to monitor network traffic for malicious activity.
Deploy NIDS to monitor network traffic for signs of anomalous or suspicious activity such as unexplained incoming and outgoing traffic. This may indicate exploit attempts or activity that results from successful exploits.

Do not follow links provided by unknown or untrusted sources.
Web users should be cautious about following links to sites that are provided by unfamiliar or suspicious sources. Filtering HTML from emails may help remove a possible vector for transmitting malicious links to users.

Updates are available. Please see the references or vendor advisory for more information.

Related

cvelist 1
prion 1
seebug 1
nvd 1
cve 1
openvas 1
securityvulns 1
nessus 1
kaspersky 1
cvelist
cvelist
CVE-2014-0268
2014-02-12 02:00:00
prion
prion
Privilege escalation
2014-02-12 04:50:00
seebug
seebug
Microsoft Internet ExplorerθΏœη¨‹ζƒι™ζε‡ζΌζ΄ž(CVE-2014-0268)(MS14-010)
2014-02-13 00:00:00
nvd
nvd
CVE-2014-0268
2014-02-12 04:50:40
cve
cve
CVE-2014-0268
2014-02-12 04:50:40
openvas
openvas
Microsoft Internet Explorer Multiple Vulnerabilities (2909921)
2014-02-12 00:00:00
securityvulns
securityvulns
Microsoft Internet Explorer multiple security vulnerabilities
2014-03-27 00:00:00
nessus
nessus
MS14-010: Cumulative Security Update for Internet Explorer (2909921)
2014-02-12 00:00:00
kaspersky
kaspersky
KLA10602 Multiple vulnerabilities in Microsoft Internet Explorer
2014-09-09 00:00:00

0.019 Low

EPSS

Percentile

88.5%

JSON
Related for SMNTC-65392
cvelist1prion1seebug1nvd1cve1openvas1securityvulns1nessus1kaspersky1