 | |
| CVE-ID | ||
|---|---|---|
CVE-2014-1776 | • Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings | |
| Description | ||
| Use-after-free vulnerability in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors related to the CMarkup::IsConnectedToPrimaryMarkup function, as exploited in the wild in April 2014. NOTE: this issue originally emphasized VGX.DLL, but Microsoft clarified that "VGX.DLL does not contain the vulnerable code leveraged in this exploit. Disabling VGX.DLL is an exploit-specific workaround that provides an immediate, effective workaround to help block known attacks." | ||
| References | ||
| Note:References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete. | ||
| ||
| Date Entry Created | ||
| 20140129 | Disclaimer: The entry creation date may reflect when the CVE-ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE. | |
| Phase (Legacy) | ||
| Assigned (20140129) | ||
| Votes (Legacy) | ||
| Comments (Legacy) | ||
| Proposed (Legacy) | ||
| N/A | ||
| This is an entry on the CVE list, which standardizes names for security problems. | ||
You can also search by reference using the CVE Reference Maps. | ||
| For More Information: cve@mitre.org | ||
