Vulnerabilities > CVE-2014-4123 - Unspecified vulnerability in Microsoft Internet Explorer
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
Microsoft Internet Explorer 7 through 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability," as exploited in the wild in October 2014, a different vulnerability than CVE-2014-4124.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 5 | |
| OS | Microsoft
| 12 |
Msbulletin
| bulletin_id | MS14-056 |
| bulletin_url | |
| date | 2014-10-14T00:00:00 |
| impact | Remote Code Execution |
| knowledgebase_id | 2987107 |
| knowledgebase_url | |
| severity | Critical |
| title | Cumulative Security Update for Internet Explorer |
Nessus
| NASL family | Windows : Microsoft Bulletins |
| NASL id | SMB_NT_MS14-056.NASL |
| description | The remote host is missing Internet Explorer (IE) Security Update 2987107. The version of Internet Explorer installed on the remote host is affected by multiple vulnerabilities, the majority of which are remote code execution vulnerabilities. An attacker can exploit these by convincing a user to visit a specially crafted web page. |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 78431 |
| published | 2014-10-15 |
| reporter | This script is Copyright (C) 2014-2018 Tenable Network Security, Inc. |
| source | https://www.tenable.com/plugins/nessus/78431 |
| title | MS14-056: Cumulative Security Update for Internet Explorer (2987107) |
References
- http://blogs.technet.com/b/srd/archive/2014/10/14/accessing-risk-for-the-october-2014-security-updates.aspx
- http://www.securityfocus.com/bid/70326
- http://www.securitytracker.com/id/1031018
- http://secunia.com/advisories/60968
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-056