CVE-2014-4140 — Microsoft Internet Explorer vulnerability

CWE-2645 documents4 sources

Severity

4.3MEDIUMNVD

EPSS

15.1%

top 5.40%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Internet Explorer

Timeline

PublishedOct 15

Latest updateMay 14

Description

Microsoft Internet Explorer 8 through 11 allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Internet Explorer ASLR Bypass Vulnerability."

CVSS vector

AV:N/AC:M/C:P/I:N/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages1 packages

▶NVDmicrosoft/internet_explorer4 versions+3

🔴Vulnerability Details

GHSA

GHSA-j75x-x795-cvh9: Microsoft Internet Explorer 8 through 11 allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Internet Explore↗2022-05-14

▶

🕵️Threat Intelligence

Talos

Microsoft Update Tuesday October 2014: Fixes for 4 0-day Vulnerabilities↗2014-10-14

▶

Talos

Microsoft Update Tuesday October 2014: Fixes for 4 0-day Vulnerabilities↗2014-10-14

▶

Zscaler

Zscaler found Multiple Security Vulnerabilities | 10-14-2014↗

▶