HTTP: Microsoft Internet Explorer CVE-2014-2782 Use After Free
Microsoft Internet Explorer has been reported with memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution in the security context of the target user.
Extended Description
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-1773, CVE-2014-1783, CVE-2014-1784, CVE-2014-1786, CVE-2014-1795, CVE-2014-1805, CVE-2014-2758, CVE-2014-2759, CVE-2014-2765, CVE-2014-2766, and CVE-2014-2775.
Affected Products
Microsoft internet_explorer
References
BugTraq: 68101
CVE: CVE-2014-2782
URL: https://technet.microsoft.com/en-us/library/security/ms14-035 http://securitytracker.com/id?1030370
Short Name
HTTP:MS-IE-MEMORY-CORRUPTION
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
After CVE-2014-2782 Explorer Free Internet Microsoft Use bid:68101
Release Date
11/26/2014
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3761
False Positive
Unknown
Vendors
Microsoft
CVSS Score
9.3