CVE-2014-2774
published 2014-08-12CVE-2014-2774: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web…
PriorityP353critical9.3CVSS 2.0
AVNACMAuNCCICAC
EPSS
16.53%
96.6th percentile
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2820, CVE-2014-2826, CVE-2014-2827, and CVE-2014-4063.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| erlang | erlang_otp | >= 0 < 1:16.b.3-dfsg-1ubuntu2.2 | 1:16.b.3-dfsg-1ubuntu2.2 |
| erlang | erlang_otp | >= 0 < 1:18.3-dfsg-1ubuntu3.1 | 1:18.3-dfsg-1ubuntu3.1 |
| microsoft | internet_explorer | — | — |
| microsoft | internet_explorer | — | — |
| microsoft | internet_explorer | — | — |
| microsoft | internet_explorer | — | — |
| microsoft | internet_explorer | — | — |
| microsoft | internet_explorer | — | — |
CVSS provenance
nvdv2.09.3CRITICALAV:N/AC:M/Au:N/C:C/I:C/A:C
osv7.5HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-2w9p-3jw9-6hcv: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a craf
ghsa_unreviewed·2022-05-14·CVSS 9.3
CVE-2014-4063 [CRITICAL] CWE-119 GHSA-2w9p-3jw9-6hcv: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a craf
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2774, CVE-2014-2820, CVE-2014-2826, and CVE-2014-2827.
GHSA
GHSA-73px-54m5-qm94: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a craf
ghsa_unreviewed·2022-05-14·CVSS 9.3
CVE-2014-2826 [CRITICAL] CWE-119 GHSA-73px-54m5-qm94: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a craf
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2774, CVE-2014-2820, CVE-2014-2827, and CVE-2014-4063.
GHSA
GHSA-5g88-92c3-56qf: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a craf
ghsa_unreviewed·2022-05-14·CVSS 9.3
CVE-2014-2827 [CRITICAL] CWE-119 GHSA-5g88-92c3-56qf: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a craf
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2774, CVE-2014-2820, CVE-2014-2826, and CVE-2014-4063.
GHSA
GHSA-73h3-6f2v-rvhm: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a craf
ghsa_unreviewed·2022-05-14·CVSS 9.3
CVE-2014-2774 [CRITICAL] CWE-119 GHSA-73h3-6f2v-rvhm: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a craf
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2820, CVE-2014-2826, CVE-2014-2827, and CVE-2014-4063.
GHSA
GHSA-gg24-jvxr-982q: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a craf
ghsa_unreviewed·2022-05-14·CVSS 9.3
CVE-2014-2820 [CRITICAL] CWE-119 GHSA-gg24-jvxr-982q: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a craf
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2774, CVE-2014-2826, CVE-2014-2827, and CVE-2014-4063.
OSV
erlang vulnerabilities
osv·2018-02-14·CVSS 7.5
CVE-2014-1693 erlang vulnerabilities
erlang vulnerabilities
It was discovered that the Erlang FTP module incorrectly handled certain
CRLF sequences. A remote attacker could possibly use this issue to inject
arbitrary FTP commands. This issue only affected Ubuntu 14.04 LTS.
(CVE-2014-1693)
It was discovered that Erlang incorrectly checked CBC padding bytes. A
remote attacker could possibly use this issue to perform a padding oracle
attack and decrypt traffic. This issue only affected Ubuntu 14.04 LTS.
(CVE-2015-2774)
It was discovered that Erlang incorrectly handled certain regular
expressions. A remote attacker could possibly use this issue to cause
Erlang to crash, resulting in a denial of service, or execute arbitrary
code. This issue only affected Ubuntu 16.04 LTS. (CVE-2016-10253)
Hanno Böck, Juraj Somorovsky and Crai
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://secunia.com/advisories/60670http://www.securityfocus.com/bid/69090http://www.securitytracker.com/id/1030715https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-051https://exchange.xforce.ibmcloud.com/vulnerabilities/94966http://secunia.com/advisories/60670http://www.securityfocus.com/bid/69090http://www.securitytracker.com/id/1030715https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-051https://exchange.xforce.ibmcloud.com/vulnerabilities/94966
2014-08-12
Published