KLA10010
Multiple vulnerabilities at Microsoft Internet Explorer
Updated: 03/30/2015
CVSS
?
10.0
Detect date
?
06/10/2014
Severity
?
Critical
Description

Multiple serious vulnerabilities have been found in Microsoft Internet Explorer versions 6-11. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code, bypass a sandbox protection mechanism, obtain sensitive information, modify TLS session data or read local files.

Below is a complete list of vulnerabilities

  1. Vectors related to unknown applications can be exploited to cause a denial of service via crafted web site

  2. Vectors related to unknown applications can be exploited to execute arbitrary code with medium-integrity privileges and bypass a sandbox protection mechanism

  3. Use-after-free at CMarkup::CreateInitialMarkup function.

  4. X.509 certificate verification missing near renegotiation at SChannel
Affected products

Microsoft Internet Explorer versions from 6 to 11.

Solution

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Original advisories

MS14-035

Impacts
?
ACE 
[?]

OSI 
[?]

SB 
[?]

DoS 
[?]
Related products
Microsoft Internet Explorer
CVE-IDS
?

CVE-2014-2782
CVE-2014-2777
CVE-2014-2776
CVE-2014-2775
CVE-2014-2773
CVE-2014-2772
CVE-2014-2771
CVE-2014-2770
CVE-2014-2769
CVE-2014-2768
CVE-2014-2767
CVE-2014-2766
CVE-2014-2765
CVE-2014-2764
CVE-2014-2763
CVE-2014-2761
CVE-2014-2760
CVE-2014-2759
CVE-2014-2758
CVE-2014-2757
CVE-2014-2756
CVE-2014-2755
CVE-2014-2754
CVE-2014-2753
CVE-2014-1805
CVE-2014-1804
CVE-2014-1803
CVE-2014-1802
CVE-2014-1800
CVE-2014-1799
CVE-2014-1797
CVE-2014-1796
CVE-2014-1795
CVE-2014-1794
CVE-2014-1792
CVE-2014-1791
CVE-2014-1790
CVE-2014-1789
CVE-2014-1788
CVE-2014-1786
CVE-2014-1785
CVE-2014-1784
CVE-2014-1783
CVE-2014-1782
CVE-2014-1781
CVE-2014-1780
CVE-2014-1779
CVE-2014-1778
CVE-2014-1777
CVE-2014-1775
CVE-2014-1774
CVE-2014-1773
CVE-2014-1772
CVE-2014-1771
CVE-2014-1770
CVE-2014-1769
CVE-2014-1766
CVE-2014-1764
CVE-2014-1762
CVE-2014-0282

Microsoft official advisories
MS14-035
KB list

2963950
2969262
2957689