Lucene search
OmairZDI-14-019HistoryFeb 13, 2014 - 12:00 a.m.
Microsoft Direct2D Graphics Component Remote Code Execution Vulnerability
2014-02-1300:00:00
Omair
www.zerodayinitiative.com
25
0.954 High
EPSS
Percentile
99.4%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of SVG path nodes. The issue lies in a miscalculation when processing a path containing overly large values. An attacker can leverage this situation to execute code under the context of the user running the browser.
Related
cvelist
cvelist
CVE-2014-0263
2014-02-12 02:00:00
seebug
seebug
openvas
openvas
Microsoft Windows Direct2D Remote Code Execution Vulnerability (2912390)
2014-02-12 00:00:00
Microsoft Windows Direct2D Remote Code Execution Vulnerability (2912390)
2014-02-12 00:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Graphics Component Memory Corruption (MS14-007; CVE-2014-0263)
2014-02-11 00:00:00
prion
prion
Memory corruption
2014-02-12 04:50:00
nessus
nessus
cve
cve
CVE-2014-0263
2014-02-12 04:50:40
nvd
nvd
CVE-2014-0263
2014-02-12 04:50:40
symantec
symantec
securityvulns
securityvulns
Microsoft Windows multiple security vulnerabilities
2014-02-11 00:00:00
kaspersky
kaspersky
KLA10601 Multiple vulnerabilities in Microsoft products
2014-11-11 00:00:00