Vulnerabilities > CVE-2014-4127 - Resource Management Errors vulnerability in Microsoft Internet Explorer

047910
CVSS 9.3 - CRITICAL
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
network
microsoft
CWE-399
critical
nessus

Summary

Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

Common Weakness Enumeration (CWE)

Msbulletin

bulletin_idMS14-056
bulletin_url
date2014-10-14T00:00:00
impactRemote Code Execution
knowledgebase_id2987107
knowledgebase_url
severityCritical
titleCumulative Security Update for Internet Explorer

Nessus

NASL familyWindows : Microsoft Bulletins
NASL idSMB_NT_MS14-056.NASL
descriptionThe remote host is missing Internet Explorer (IE) Security Update 2987107. The version of Internet Explorer installed on the remote host is affected by multiple vulnerabilities, the majority of which are remote code execution vulnerabilities. An attacker can exploit these by convincing a user to visit a specially crafted web page.
last seen2020-06-01
modified2020-06-02
plugin id78431
published2014-10-15
reporterThis script is Copyright (C) 2014-2018 Tenable Network Security, Inc.
sourcehttps://www.tenable.com/plugins/nessus/78431
titleMS14-056: Cumulative Security Update for Internet Explorer (2987107)