PT-2014-1568 · Microsoft · Internet Explorer

Jason Kratzer

Published

2014-10-14

Updated

2018-10-12

CVE-2014-4128

CVSS v2.0

9.3

High

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Microsoft Internet Explorer versions 6 through 11

Description The issue is related to improper access to objects in memory, which could lead to memory corruption. This allows remote attackers to execute arbitrary code or cause a denial of service in the context of the current user. The vulnerability exists due to the way Internet Explorer handles memory, potentially enabling an attacker to execute arbitrary code.

Recommendations For Microsoft Internet Explorer versions 6 through 11, update to a newer version to mitigate the risk of exploitation. As a temporary workaround, consider restricting access to potentially malicious websites to minimize the risk of triggering the memory corruption issue.

Fix

RCE

DoS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

BDU:2015-00504

CVE-2014-4128

Affected Products

Internet Explorer

PT-2014-1568 · Microsoft · Internet Explorer

CVE-2014-4128

Weakness Enumeration

Related Identifiers

Affected Products

References · 9