⚠ Exploited in the wild
Exploitation observed in the wild. Not yet on CISA KEV.

CVE-2014-1815Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft Internet Explorer

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer11 documents7 sources
Severity
9.3CRITICALNVD
EPSS
40.2%
top 2.64%
CISA KEV
Not in KEV
Exploit
Exploited in wild
Active exploitation observed
Affected products
1
Microsoft Internet Explorer
Timeline
PublishedMay 14
Latest updateMay 14

Description

Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, as exploited in the wild in May 2014, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0310.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages1 packages

NVDmicrosoft/internet_explorer6 versions+5

🔴Vulnerability Details

3
GHSA
GHSA-m3vf-g64w-7wxq: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a craf2022-05-14
GHSA
GHSA-9c4m-mcm2-9ghx: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a craf2022-05-14
VulnCheck
Microsoft Internet Explorer Improper Restriction of Operations within the Bounds of a Memory Buffer2014

💥Exploits & PoCs

1
Exploit-DB
Microsoft Internet Explorer - Memory Corruption (PoC) (MS14-029)2014-08-28

🕵️Threat Intelligence

5
Unit42
Is It the Beginning of the End For Use-After-Free Exploitation?2014-07-17
Unit42
Is It the Beginning of the End For Use-After-Free Exploitation?2014-07-17
Talos
Microsoft Update Tuesday May 2014: relatively light month2014-05-13
Talos
Microsoft Update Tuesday May 2014: relatively light month2014-05-13
Zscaler
Zscaler found Multiple Security Vulnerabilities | 05-13-2014
CVE-2014-1815 — Microsoft vulnerability | cvebase