CVE-2014-4140

Name of the Vulnerable Software and Affected Versions Microsoft Internet Explorer versions 8 through 11

Description The issue allows remote attackers to bypass the Address Space Layout Randomization (ASLR) protection mechanism. This security feature bypass by itself does not allow arbitrary code execution. However, an attacker could use this ASLR bypass vulnerability in conjunction with another vulnerability, such as a remote code execution vulnerability, to run arbitrary code. The ASLR bypass vulnerability exists in Internet Explorer and enables attackers to circumvent the ASLR protection, which helps protect users from a broad class of vulnerabilities.

Recommendations For Microsoft Internet Explorer versions 8 through 11, consider disabling the web browser's ability to access crafted web sites as a temporary workaround until a patch is available. Restrict access to potentially vulnerable web pages to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.