Kaspersky ID:
KLA10010
Detect Date:
06/10/2014
Updated:
09/26/2023

Description

Multiple serious vulnerabilities have been found in Microsoft Internet Explorer versions 6-11. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code, bypass a sandbox protection mechanism, obtain sensitive information, modify TLS session data or read local files.

Below is a complete list of vulnerabilities

  1. Vectors related to unknown applications can be exploited to cause a denial of service via crafted web site

  2. Vectors related to unknown applications can be exploited to execute arbitrary code with medium-integrity privileges and bypass a sandbox protection mechanism

  3. Use-after-free at CMarkup::CreateInitialMarkup function.

  4. X.509 certificate verification missing near renegotiation at SChannel

Original advisories

Exploitation

Public exploits exist for this vulnerability.

Related products

CVE list

  • CVE-2014-1800
    critical
  • CVE-2014-1799
    critical
  • CVE-2014-1803
    critical
  • CVE-2014-1802
    critical
  • CVE-2014-1805
    critical
  • CVE-2014-1804
    critical
  • CVE-2014-2754
    critical
  • CVE-2014-2753
    critical
  • CVE-2014-2756
    critical
  • CVE-2014-2755
    critical
  • CVE-2014-2777
    critical
  • CVE-2014-1779
    critical
  • CVE-2014-1778
    high
  • CVE-2014-1777
    warning
  • CVE-2014-1775
    critical
  • CVE-2014-1783
    critical
  • CVE-2014-1782
    critical
  • CVE-2014-1781
    critical
  • CVE-2014-1780
    critical
  • CVE-2014-2776
    critical
  • CVE-2014-2775
    critical
  • CVE-2014-1785
    critical
  • CVE-2014-1784
    critical
  • CVE-2014-2771
    critical
  • CVE-2014-2770
    critical
  • CVE-2014-2769
    critical
  • CVE-2014-2768
    critical
  • CVE-2014-2772
    critical
  • CVE-2014-2773
    critical
  • CVE-2014-2782
    critical
  • CVE-2014-2759
    critical
  • CVE-2014-1794
    critical
  • CVE-2014-1795
    critical
  • CVE-2014-1791
    critical
  • CVE-2014-1792
    critical
  • CVE-2014-1789
    critical
  • CVE-2014-1790
    critical
  • CVE-2014-1786
    critical
  • CVE-2014-1788
    critical
  • CVE-2014-1796
    critical
  • CVE-2014-1797
    critical
  • CVE-2014-0282
    critical
  • CVE-2014-1762
    critical
  • CVE-2014-1764
    critical
  • CVE-2014-1766
    critical
  • CVE-2014-1769
    critical
  • CVE-2014-1770
    critical
  • CVE-2014-1771
    high
  • CVE-2014-1772
    critical
  • CVE-2014-1773
    critical
  • CVE-2014-2763
    critical
  • CVE-2014-2764
    critical
  • CVE-2014-2765
    critical
  • CVE-2014-2757
    critical
  • CVE-2014-2758
    critical
  • CVE-2014-1774
    critical
  • CVE-2014-2760
    critical
  • CVE-2014-2761
    critical
  • CVE-2014-2766
    critical
  • CVE-2014-2767
    critical

KB list

Read more

Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com

Found an inaccuracy in the description of this vulnerability? Let us know!
Kaspersky Next
Let’s go Next: redefine your business’s cybersecurity
Learn more
New Kaspersky!
Your digital life deserves complete protection!
Learn more
Confirm changes?
Your message has been sent successfully.