Announcement Announcement Module
Collapse
No announcement yet.
Microsoft Internet Explorer Remote Code Execution Vulnerability Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Microsoft Internet Explorer Remote Code Execution Vulnerability

    Microsoft Internet Explorer Remote Code Execution Vulnerability


    Severity Rating: High

    Systems Affected
    • Microsoft Internet Explorer

    Overview
    A use-after-free vulnerability has been reported in Microsoft Internet Explorer (IE) which could allow a remote attacker to execute arbitrary code on a target system.

    Description
    The vulnerability exists due to improper handling of the ScriptEngine objects within Internet Explorer.
    A remote attacker could exploit this issue by enticing a user to view specially crafted website or malicious file triggering a memory corruption.

    Successful exploitation could allow the attacker to execute arbitrary code with privileges of the user on the target system.

    Workaround
    Set "Disable script debugging (Internet Explorer)" option, if not configured by default.

    References

    Zero Day Initiative
    http://www.zerodayinitiative.com/advisories/ZDI-14-349/
Tag Cloud Tag Cloud Module
Collapse
Working...
X