Vulnerability Details : CVE-2014-1776
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors related to the CMarkup::IsConnectedToPrimaryMarkup function, as exploited in the wild in April 2014. NOTE: this issue originally emphasized VGX.DLL, but Microsoft clarified that "VGX.DLL does not contain the vulnerable code leveraged in this exploit. Disabling VGX.DLL is an exploit-specific workaround that provides an immediate, effective workaround to help block known attacks."
Vulnerability category: Memory CorruptionExecute codeDenial of service
CVE-2014-1776 is in the CISA Known Exploited Vulnerabilities Catalog
CISA vulnerability name:
Microsoft Internet Explorer Memory Corruption Vulnerability
CISA required action:
Apply updates per vendor instructions.
CISA description:
Microsoft Internet Explorer contains a memory corruption vulnerability that allows remote attackers to execute code in the context of the current user.
Notes:
https://learn.microsoft.com/en-us/security-updates/SecurityBulletins/2014/ms14-021?redirectedfrom=MSDN
Added on
2022-01-28
Action due date
2022-07-28
Exploit prediction scoring system (EPSS) score for CVE-2014-1776
Probability of exploitation activity in the next 30 days: 96.77%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 100 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2014-1776
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
10.0
|
HIGH | AV:N/AC:L/Au:N/C:C/I:C/A:C |
10.0
|
10.0
|
NIST |
CWE ids for CVE-2014-1776
-
Referencing memory after it has been freed can cause a program to crash, use unexpected values, or execute code.Assigned by: nvd@nist.gov (Primary)
References for CVE-2014-1776
-
http://www.kb.cert.org/vuls/id/222929
VU#222929 - Microsoft Internet Explorer CMarkup use-after-free vulnerabilityMitigation;Third Party Advisory;US Government Resource
-
https://technet.microsoft.com/library/security/2963983
Microsoft Security Advisory 2963983 | Microsoft DocsMitigation;Patch;Vendor Advisory
-
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-021
Microsoft Security Bulletin MS14-021 - Critical | Microsoft Docs
-
http://www.securityfocus.com/bid/67075
Microsoft Internet Explorer CVE-2014-1776 Remote Code Execution VulnerabilityVDB Entry
-
http://securitytracker.com/id?1030154
Microsoft Internet Explorer Object Access Flaw Lets Remote Users Execute Arbitrary Code - SecurityTracker
-
http://www.signalsec.com/cve-2014-1776-ie-0day-analysis/
CVE-2014-1776 (IE 0day) Analysis | SignalSEC Corp.Third Party Advisory
-
http://www.fireeye.com/blog/uncategorized/2014/04/new-zero-day-exploit-targeting-internet-explorer-versions-9-through-11-identified-in-targeted-attacks.html
New Zero-Day Exploit targeting Internet Explorer Versions 9 through 11 Identified in Targeted Attacks | FireEye IncBroken Link
-
http://blogs.technet.com/b/srd/archive/2014/04/30/protection-strategies-for-the-security-advisory-2963983-ie-0day.aspx
Protection strategies for the Security Advisory 2963983 IE 0day – Microsoft Security Response CenterMitigation
Products affected by CVE-2014-1776
- cpe:2.3:a:microsoft:internet_explorer:6:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:internet_explorer:7:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:internet_explorer:8:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:internet_explorer:9:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:internet_explorer:10:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:internet_explorer:11:*:*:*:*:*:*:*