WER IST SIBERAS?

Die siberas GmbH ein auf Sicherheitsanalysen und Penetrationstests spezialisiertes Beratungsunternehmen, welches Sie herstellerunabhängig und kompetent im Bereich IT-Sicherheit berät.

KONTAKT

(Pwn2Own) Microsoft Internet Explorer Remote Code Execution Vulnerability

Reference ID: SSA-1401
Publication date: 09.07.2014
Severity: critical
Discovered by: Andreas Schmidt

Affected products/versions: Microsoft Internet Explorer 11

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw happens during manipulations of the DOM tree. An attacker can leverage this vulnerability to execute code under the context of the current process.

References:
CVE-2014-1766
Microsoft Security Bulletin MS14-035