CVE-2014-1763
published 2014-04-27CVE-2014-1763: Use-after-free vulnerability in Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code and bypass a sandbox protection…
PriorityP356critical10CVSS 2.0
AVNACLAuNCCICAC
EPSS
22.39%
97.4th percentile
Use-after-free vulnerability in Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code and bypass a sandbox protection mechanism via unspecified vectors, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2014.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | internet_explorer | — | — |
| microsoft | internet_explorer | — | — |
| microsoft | internet_explorer | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
VulDB
Microsoft Internet Explorer 11 resource management (MS14-037 / Nessus ID 76406)
vuldb·2026-05-12·CVSS 10.0
CVE-2014-1763 [CRITICAL] Microsoft Internet Explorer 11 resource management (MS14-037 / Nessus ID 76406)
A vulnerability was found in Microsoft Internet Explorer 11 and classified as critical. Affected by this vulnerability is an unknown functionality. Executing a manipulation can lead to improper resource management.
The identification of this vulnerability is CVE-2014-1763. The attack may be launched remotely. Furthermore, there is an exploit available.
Applying a patch is advised to resolve this issue.
VulDB
Microsoft Internet Explorer 9/10/11 resource management (MS14-037 / Nessus ID 76406)
vuldb·2026-05-12·CVSS 10.0
CVE-2014-1763 [CRITICAL] Microsoft Internet Explorer 9/10/11 resource management (MS14-037 / Nessus ID 76406)
A vulnerability marked as critical has been reported in Microsoft Internet Explorer 9/10/11. This affects an unknown function. Performing a manipulation results in improper resource management.
This vulnerability is reported as CVE-2014-1763. The attack is possible to be carried out remotely. No exploit exists.
To fix this issue, it is recommended to deploy a patch.
GHSA
GHSA-h774-7fcx-w9r7: Use-after-free vulnerability in Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code and bypass a sandbox protec
ghsa_unreviewed·2022-05-14
CVE-2014-1763 [HIGH] GHSA-h774-7fcx-w9r7: Use-after-free vulnerability in Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code and bypass a sandbox protec
Use-after-free vulnerability in Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code and bypass a sandbox protection mechanism via unspecified vectors, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2014.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://secunia.com/advisories/59775http://twitter.com/thezdi/statuses/443855973673754624http://www.pwn2own.com/2014/03/pwn2own-results-for-wednesday-day-one/http://www.securityfocus.com/archive/1/532797/100/0/threadedhttp://www.securitytracker.com/id/1030532https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-037http://secunia.com/advisories/59775http://twitter.com/thezdi/statuses/443855973673754624http://www.pwn2own.com/2014/03/pwn2own-results-for-wednesday-day-one/http://www.securityfocus.com/archive/1/532797/100/0/threadedhttp://www.securitytracker.com/id/1030532https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-037
2014-04-27
Published