Lucene search
Jason KratzerZDI-14-036HistoryApr 03, 2014 - 12:00 a.m.
Microsoft Internet Explorer HtmlLayout Use-After-Free Remote Code Execution Vulnerability
2014-04-0300:00:00
Jason Kratzer
www.zerodayinitiative.com
18
0.973 High
EPSS
Percentile
99.9%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of HtmlLayout objects. By manipulating a documentβs elements an attacker can force a dangling pointer to be reused after it has been freed. An attacker can leverage this vulnerability to execute code under the context of the current process.
Related
zdt
zdt
MS14-012 Internet Explorer TextRange Use-After-Free
2014-03-22 00:00:00
cve
cve
CVE-2014-0307
2014-03-12 05:15:19
checkpoint_advisories
checkpoint_advisories
Microsoft Internet Explorer Memory Corruption (MS14-012; CVE-2014-0307)
2014-03-23 00:00:00
cvelist
cvelist
CVE-2014-0307
2014-03-12 01:00:00
symantec
symantec
Microsoft Internet Explorer CVE-2014-0307 Memory Corruption Vulnerability
2014-03-11 00:00:00
seebug
seebug
Microsoft Internet Explorerε
εη ΄εζΌζ΄(CVE-2014-0307)
2014-03-12 00:00:00
prion
prion
Memory corruption
2014-03-12 05:15:00
packetstorm
packetstorm
MS14-012 Internet Explorer TextRange Use-After-Free
2014-03-20 00:00:00
nvd
nvd
CVE-2014-0307
2014-03-12 05:15:19
openvas
openvas
securityvulns
securityvulns
Microsoft Internet Explorer multiple security vulnerabilities
2014-03-18 00:00:00
nessus
nessus
MS14-012: Cumulative Security Update for Internet Explorer (2925418)
2014-03-11 00:00:00
mskb
mskb
MS14-012: Cumulative security update for Internet Explorer: March 11, 2014
2014-03-11 00:00:00