SAINT Corporation (SAINT:C5151F8B61804C60EC822679D32F32AF)
Apr 17, 2014 - 12:00 a.m.

Internet Explorer CMarkup Object Handling Use-after-free Vulnerability

2014-04-17 00:00:00
SAINT Corporation
download.saintcorporation.com

CVSS2: 9.3
Attack Vector: NETWORK
Attack Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS3: 8.8
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: REQUIRED
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS: 0.972
Percentile: 99.9%

Added: 04/17/2014
CVE: CVE-2014-0322
BID: 65551
OSVDB: 103354

Background

Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems.

Problem

Microsoft Internet Explorer 9 and 10 contain a use-after-free vulnerability in the CMarkup component of the MSHTML library. By enticing a user to open a specially crafted web page, a remote attacker could upload and execute arbitrary code on the compromised user’s system.

The exploit observed in the wild uses the Internet Explorer vulnerability to corrupt Adobe Flash content in a way that bypasses Address Space Layout Randomization (ASLR) and disables Data Execution Prevention (DEP) before executing code.

Resolution

Apply updates as specified in Microsoft Security Bulletin MS14-012.

References

<http://secunia.com/advisories/56974/>
<http://www.kb.cert.org/vuls/id/732479>

Limitations

The user must open the exploit page in MS IE 9 or 10.

The exploit was tested using Adobe Flash Player 12.0.0.70 and 12.0.0.77.

Platforms

Windows
