Advertisement






Microsoft Internet Explorer Request Object Confusion Sandbox Bypass

CVE Category Price Severity
CVE-2014-1764 CWE-399 N/A High
Author Risk Exploitation Type Date
Active State High Local 2014-07-17
CPE
cpe:cpe:/a:microsoft:internet_explorer
CVSS EPSS EPSSP
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 0.02192 0.50148

CVSS vector description

Our sensors found this exploit at: http://cxsecurity.com/ascii/WLB-2014070092

Below is a copy:

VUPEN Security Research - Microsoft Internet Explorer "Request" Object
Confusion Sandbox Bypass (Pwn2Own 2014)

Website : http://www.vupen.com

Twitter : http://twitter.com/vupen


I. BACKGROUND
---------------------

"Microsoft Internet Explorer is a web browser developed by Microsoft and
included as part of the Microsoft Windows line of operating systems with
more than 60% of the worldwide usage share of web browsers." (Wikipedia)


II. DESCRIPTION
---------------------

VUPEN Vulnerability Research Team discovered a critical vulnerability
in Microsoft Internet Explorer.

The vulnerability is caused by an object confusion vulnerability when
processing object types within data shared between the broker and
sandboxed processes, which could be exploited by a sandboxed process
to achieve code execution within the broker context and bypass IE
Protected Mode sandbox.


III. AFFECTED PRODUCTS
---------------------------

Microsoft Internet Explorer 11
Microsoft Internet Explorer 10
Microsoft Internet Explorer 9
Microsoft Internet Explorer 8


IV. SOLUTION
----------------

Apply MS14-035 security update.


V. CREDIT
--------------

This vulnerability was discovered by VUPEN Security.


VI. ABOUT VUPEN Security
---------------------------

VUPEN is the leading provider of defensive and offensive cyber security
intelligence and advanced zero-day research. All VUPEN's vulnerability
intelligence results exclusively from its internal and in-house R&D
efforts conducted by its team of world-class researchers.

VUPEN Solutions: http://www.vupen.com/english/services/


VII. REFERENCES
----------------------

https://technet.microsoft.com/library/security/ms14-035
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1764


VIII. DISCLOSURE TIMELINE
-----------------------------

2011-11-30 - Vulnerability Discovered by VUPEN Security
2014-03-14 - Vulnerability Reported to ZDI and Microsoft During Pwn2Own 2014
2014-06-10 - Vulnerability Fixed by Microsoft
2014-07-16 - Public disclosure


Copyright ©2024 Exploitalert.

All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.