Multiple vulnerabilities at Microsoft Internet Explorer

Описание

Multiple serious vulnerabilities have been found in Microsoft Internet Explorer versions 6-11. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code, bypass a sandbox protection mechanism, obtain sensitive information, modify TLS session data or read local files.

Below is a complete list of vulnerabilities

1. Vectors related to unknown applications can be exploited to cause a denial of service via crafted web site

2. Vectors related to unknown applications can be exploited to execute arbitrary code with medium-integrity privileges and bypass a sandbox protection mechanism

3. Use-after-free at CMarkup::CreateInitialMarkup function.

4. X.509 certificate verification missing near renegotiation at SChannel

Первичный источник обнаружения

• Microsoft bulletin
  CVE-2014-1800
  CVE-2014-1799
  CVE-2014-1803
  CVE-2014-1802
  CVE-2014-1805
  CVE-2014-1804
  CVE-2014-2754
  CVE-2014-2753
  CVE-2014-2756
  CVE-2014-2755
  CVE-2014-2777
  CVE-2014-1779
  CVE-2014-1778
  CVE-2014-1777
  CVE-2014-1775
  CVE-2014-1783
  CVE-2014-1782
  CVE-2014-1781
  CVE-2014-1780
  CVE-2014-2776
  CVE-2014-2775
  CVE-2014-1785
  CVE-2014-1784
  CVE-2014-2771
  CVE-2014-2770
  CVE-2014-2769
  CVE-2014-2768
  CVE-2014-2772
  CVE-2014-2773
  CVE-2014-2782
  CVE-2014-2759
  CVE-2014-1794
  CVE-2014-1795
  CVE-2014-1791
  CVE-2014-1792
  CVE-2014-1789
  CVE-2014-1790
  CVE-2014-1786
  CVE-2014-1788
  CVE-2014-1796
  CVE-2014-1797
  CVE-2014-0282
  CVE-2014-1762
  CVE-2014-1764
  CVE-2014-1766
  CVE-2014-1769
  CVE-2014-1770
  CVE-2014-1771
  CVE-2014-1772
  CVE-2014-1773
  CVE-2014-2763
  CVE-2014-2764
  CVE-2014-2765
  CVE-2014-2757
  CVE-2014-2758
  CVE-2014-1774
  CVE-2014-2760
  CVE-2014-2761
  CVE-2014-2766
  CVE-2014-2767
  

Эксплуатация

Public exploits exist for this vulnerability.

Связанные продукты

• Microsoft-Internet-Explorer

Список CVE

• CVE-2014-1800
  critical
• CVE-2014-1799
  critical
• CVE-2014-1803
  critical
• CVE-2014-1802
  critical
• CVE-2014-1805
  critical
• CVE-2014-1804
  critical
• CVE-2014-2754
  critical
• CVE-2014-2753
  critical
• CVE-2014-2756
  critical
• CVE-2014-2755
  critical
• CVE-2014-2777
  critical
• CVE-2014-1779
  critical
• CVE-2014-1778
  high
• CVE-2014-1777
  warning
• CVE-2014-1775
  critical
• CVE-2014-1783
  critical
• CVE-2014-1782
  critical
• CVE-2014-1781
  critical
• CVE-2014-1780
  critical
• CVE-2014-2776
  critical
• CVE-2014-2775
  critical
• CVE-2014-1785
  critical
• CVE-2014-1784
  critical
• CVE-2014-2771
  critical
• CVE-2014-2770
  critical
• CVE-2014-2769
  critical
• CVE-2014-2768
  critical
• CVE-2014-2772
  critical
• CVE-2014-2773
  critical
• CVE-2014-2782
  critical
• CVE-2014-2759
  critical
• CVE-2014-1794
  critical
• CVE-2014-1795
  critical
• CVE-2014-1791
  critical
• CVE-2014-1792
  critical
• CVE-2014-1789
  critical
• CVE-2014-1790
  critical
• CVE-2014-1786
  critical
• CVE-2014-1788
  critical
• CVE-2014-1796
  critical
• CVE-2014-1797
  critical
• CVE-2014-0282
  critical
• CVE-2014-1762
  critical
• CVE-2014-1764
  critical
• CVE-2014-1766
  critical
• CVE-2014-1769
  critical
• CVE-2014-1770
  critical
• CVE-2014-1771
  high
• CVE-2014-1772
  critical
• CVE-2014-1773
  critical
• CVE-2014-2763
  critical
• CVE-2014-2764
  critical
• CVE-2014-2765
  critical
• CVE-2014-2757
  critical
• CVE-2014-2758
  critical
• CVE-2014-1774
  critical
• CVE-2014-2760
  critical
• CVE-2014-2761
  critical
• CVE-2014-2766
  critical
• CVE-2014-2767
  critical

Список KB

• 2963950
• 2969262
• 2957689

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com