CVE-2014-0282
published 2014-06-11

Priority: P265 · critical · 9.3 (CVSS 2.0)
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
EXPLOIT
EPSS: 46.77% (98.7th percentile)
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-1775, CVE-2014-1779, CVE-2014-1799, CVE-2014-1803, and CVE-2014-2757.

Affected

6 ranges
Vendor | Product | Version range | Fixed in
microsoft | internet_explorer | |
microsoft | internet_explorer | |
microsoft | internet_explorer | |
microsoft | internet_explorer | |
microsoft | internet_explorer | |
microsoft | internet_explorer | |

Detection & IOCs (extracted from sources)

process: mshtml!CFormElement::DoReset
  • Use-after-free triggered via CInput element freed during CFormElement::DoReset execution; look for form reset events combined with innerHTML destruction and garbage collection calls in JavaScript
  • Exploit leverages onpropertychange event handler on a checkbox element to trigger the use-after-free during a form reset; monitor for onpropertychange handlers on form input elements combined with form.reset() calls
  • Crash occurs in mshtml!CFormElement::DoReset when accessing a freed CInput element; crash/AV at this function is a strong indicator of CVE-2014-0282 exploitation
  • The provided exploit is a PoC crash/DoS only (MS14-035); it does not include a working code-execution payload. Affected versions span IE 6 through 11 per NVD, but the PoC specifically targets IE 8/9/10.
  • CVE-2014-0282 is one of several distinct memory-corruption vulnerabilities patched under MS14-035; detections must not conflate it with CVE-2014-2757, CVE-2014-1775, CVE-2014-1779, CVE-2014-1799, or CVE-2014-1803.

CVSS provenance

nvd | v2.0 | 9.3 | CRITICAL | AV:N/AC:M/Au:N/C:C/I:C/A:C
osv | 4.3 | MEDIUM