Vulnerabilities Threats

English Russian Japanese LatAm Türkiye Brasil France Český Deutschland

KLA10010
Multiple vulnerabilities at Microsoft Internet Explorer
Updated: 06/18/2020
Detect date
?
 06/10/2014
Severity
?
 Critical
Description

Multiple serious vulnerabilities have been found in Microsoft Internet Explorer versions 6-11. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code, bypass a sandbox protection mechanism, obtain sensitive information, modify TLS session data or read local files.

Below is a complete list of vulnerabilities

  1. Vectors related to unknown applications can be exploited to cause a denial of service via crafted web site

  2. Vectors related to unknown applications can be exploited to execute arbitrary code with medium-integrity privileges and bypass a sandbox protection mechanism

  3. Use-after-free at CMarkup::CreateInitialMarkup function.

  4. X.509 certificate verification missing near renegotiation at SChannel
Affected products

Microsoft Internet Explorer versions from 6 to 11.
Solution

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Original advisories

Microsoft bulletin
CVE-2014-1800
CVE-2014-1799
CVE-2014-1803
CVE-2014-1802
CVE-2014-1805
CVE-2014-1804
CVE-2014-2754
CVE-2014-2753
CVE-2014-2756
CVE-2014-2755
CVE-2014-2777
CVE-2014-1779
CVE-2014-1778
CVE-2014-1777
CVE-2014-1775
CVE-2014-1783
CVE-2014-1782
CVE-2014-1781
CVE-2014-1780
CVE-2014-2776
CVE-2014-2775
CVE-2014-1785
CVE-2014-1784
CVE-2014-2771
CVE-2014-2770
CVE-2014-2769
CVE-2014-2768
CVE-2014-2772
CVE-2014-2773
CVE-2014-2782
CVE-2014-2759
CVE-2014-1794
CVE-2014-1795
CVE-2014-1791
CVE-2014-1792
CVE-2014-1789
CVE-2014-1790
CVE-2014-1786
CVE-2014-1788
CVE-2014-1796
CVE-2014-1797
CVE-2014-0282
CVE-2014-1762
CVE-2014-1764
CVE-2014-1766
CVE-2014-1769
CVE-2014-1770
CVE-2014-1771
CVE-2014-1772
CVE-2014-1773
CVE-2014-2763
CVE-2014-2764
CVE-2014-2765
CVE-2014-2757
CVE-2014-2758
CVE-2014-1774
CVE-2014-2760
CVE-2014-2761
CVE-2014-2766
CVE-2014-2767
Impacts
?
ACE 
[?]

OSI 
[?]

DoS 
[?]

SB 
[?]
Related products
 Microsoft Internet Explorer
CVE-IDS
?
CVE-2014-18009.3Critical
CVE-2014-17999.3Critical
CVE-2014-18039.3Critical
CVE-2014-18029.3Critical
CVE-2014-18059.3Critical
CVE-2014-18049.3Critical
CVE-2014-27549.3Critical
CVE-2014-27539.3Critical
CVE-2014-27569.3Critical
CVE-2014-27559.3Critical
CVE-2014-27777.5Critical
CVE-2014-17799.3Critical
CVE-2014-17786.8High
CVE-2014-17774.3Warning
CVE-2014-17759.3Critical
CVE-2014-17839.3Critical
CVE-2014-17829.3Critical
CVE-2014-17819.3Critical
CVE-2014-17809.3Critical
CVE-2014-27769.3Critical
CVE-2014-27759.3Critical
CVE-2014-17859.3Critical
CVE-2014-17849.3Critical
CVE-2014-27719.3Critical
CVE-2014-27709.3Critical
CVE-2014-27699.3Critical
CVE-2014-27689.3Critical
CVE-2014-27729.3Critical
CVE-2014-27739.3Critical
CVE-2014-27829.3Critical
CVE-2014-27599.3Critical
CVE-2014-17949.3Critical
CVE-2014-17959.3Critical
CVE-2014-17919.3Critical
CVE-2014-17929.3Critical
CVE-2014-17899.3Critical
CVE-2014-17909.3Critical
CVE-2014-17869.3Critical
CVE-2014-17889.3Critical
CVE-2014-17969.3Critical
CVE-2014-17979.3Critical
CVE-2014-02829.3Critical
CVE-2014-17627.5Critical
CVE-2014-176410.0Critical
CVE-2014-17667.2High
CVE-2014-17699.3Critical
CVE-2014-17709.3Critical
CVE-2014-17716.8High
CVE-2014-17729.3Critical
CVE-2014-17739.3Critical
CVE-2014-27639.3Critical
CVE-2014-27649.3Critical
CVE-2014-27659.3Critical
CVE-2014-27579.3Critical
CVE-2014-27589.3Critical
CVE-2014-17749.3Critical
CVE-2014-27609.3Critical
CVE-2014-27619.3Critical
CVE-2014-27669.3Critical
CVE-2014-27679.3Critical
Microsoft official advisories
 Microsoft Security Update Guide
KB list

2963950
2969262
2957689
Exploitation

The following public exploits exists for this vulnerability:

https://www.exploit-db.com/exploits/40946

https://www.exploit-db.com/exploits/33860
© 2020 AO Kaspersky Lab. All Rights Reserved.
Privacy Policy

Up