CVE-2014-0322
Description
Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code via vectors involving crafted JavaScript code, CMarkup, and the onpropertychange attribute of a script element, as exploited in the wild in January and February 2014.
Risk Information
Base Score
8.8
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
93.203
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Cumulative Security Update for Internet Explorer for Windows XP (KB2925418) | Windows |
| Cumulative Security Update for Internet Explorer for Windows Server 2003 (KB2925418) | Windows |
| Cumulative Security Update for Internet Explorer for Windows XP x64 Edition (KB2925418) | Windows |
| Cumulative Security Update for Internet Explorer for Windows Server 2003 x64 Edition (KB2925418) | Windows |
| Cumulative Security Update for Internet Explorer 7 for Windows XP (KB2925418) | Windows |
| Cumulative Security Update for Internet Explorer 7 for Windows Server 2003 (KB2925418) | Windows |
| Cumulative Security Update for Internet Explorer 7 in Windows Vista (KB2925418) | Windows |
| Cumulative Security Update for Internet Explorer 7 in Windows Server 2008 (KB2925418) | Windows |
| Cumulative Security Update for Internet Explorer 7 for Windows XP x64 Edition (KB2925418) | Windows |
| Cumulative Security Update for Internet Explorer 7 for Windows Server 2003 x64 Edition (KB2925418) | Windows |
| Cumulative Security Update for Internet Explorer 7 in Windows Vista x64 Edition (KB2925418) | Windows |
| Cumulative Security Update for Internet Explorer 7 in Windows Server 2008 x64 Edition (KB2925418) | Windows |
| Cumulative Security Update for Internet Explorer 8 for Windows XP (KB2925418) | Windows |
| Cumulative Security Update for Internet Explorer 8 for Windows Server 2003 (KB2925418) | Windows |
| Cumulative Security Update for Internet Explorer 8 in Windows Vista (KB2925418) | Windows |
| Cumulative Security Update for Internet Explorer 8 in Windows Server 2008 (KB2925418) | Windows |
| Cumulative Security Update for Internet Explorer 8 in Windows 7 (KB2925418) | Windows |
| Cumulative Security Update for Internet Explorer 8 for Windows XP x64 Edition (KB2925418) | Windows |
| Cumulative Security Update for Internet Explorer 8 for Windows Server 2003 x64 Edition (KB2925418) for SP2 | Windows |
| Cumulative Security Update for Internet Explorer 8 in Windows Vista x64 Edition (KB2925418) | Windows |
| Cumulative Security Update for Internet Explorer 8 in Windows Server 2008 x64 Edition (KB2925418) | Windows |
| Cumulative Security Update for Internet Explorer 8 in Windows 7 x64 Edition (KB2925418) | Windows |
| Cumulative Security Update for Internet Explorer 8 in Windows Server 2008 R2 x64 Edition (KB2925418) | Windows |
| Cumulative Security Update for Internet Explorer 9 in Windows Vista (KB2925418) | Windows |
| Cumulative Security Update for Internet Explorer 9 in Windows Server 2008 (KB2925418) | Windows |
| Cumulative Security Update for Internet Explorer 9 in Windows 7 (KB2925418) | Windows |
| Cumulative Security Update for Internet Explorer 9 in Windows Vista x64 Edition (KB2925418) | Windows |
| Cumulative Security Update for Internet Explorer 9 in Windows Server 2008 x64 Edition (KB2925418) | Windows |
| Cumulative Security Update for Internet Explorer 9 in Windows 7 x64 Edition (KB2925418) | Windows |
| Cumulative Security Update for Internet Explorer 9 in Windows Server 2008 R2 x64 Edition (KB2925418) | Windows |
| Cumulative Security Update for Internet Explorer 10 in Windows 7 (KB2925418) | Windows |
| Cumulative Security Update for Internet Explorer 10 in Windows 8 (KB2925418) | Windows |
| Cumulative Security Update for Internet Explorer 10 in Windows 7 x64 Edition (KB2925418) | Windows |
| Cumulative Security Update for Internet Explorer 10 in Windows Server 2008 R2 x64 Edition (KB2925418) | Windows |
| Cumulative Security Update for Internet Explorer 10 in Windows 8 x64 Edition (KB2925418) | Windows |
| Cumulative Security Update for Internet Explorer 10 in Windows Server 2012 x64 Edition (KB2925418) | Windows |
| Cumulative Security Update for Internet Explorer 11 in Windows 7 (KB2925418) | Windows |
| Cumulative Security Update for Internet Explorer 11 for Windows 8.1 (KB2925418) | Windows |
| Cumulative Security Update for Internet Explorer 11 in Windows 7 x64 Edition (KB2925418) | Windows |
| Cumulative Security Update for Internet Explorer 11 in Windows Server 2008 R2 x64 Edition (KB2925418) | Windows |
| Cumulative Security Update for Internet Explorer 11 for Windows 8.1 for x64-based systems (KB2925418) | Windows |
| Cumulative Security Update for Internet Explorer 11 for Windows Server 2012 R2 (KB2925418) | Windows |
| Cumulative Security Update for Internet Explorer 8 for Windows Server 2003 x64 Edition (KB2964358) for SP2 | Windows |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-15156 | Cumulative Security Update for Internet Explorer for Windows XP (KB2925418) |
| PATCH-15157 | Cumulative Security Update for Internet Explorer for Windows Server 2003 (KB2925418) |
| PATCH-15158 | Cumulative Security Update for Internet Explorer for Windows XP x64 Edition (KB2925418) |
| PATCH-15159 | Cumulative Security Update for Internet Explorer for Windows Server 2003 x64 Edition (KB2925418) |
| PATCH-15160 | Cumulative Security Update for Internet Explorer 7 for Windows XP (KB2925418) |
| PATCH-15161 | Cumulative Security Update for Internet Explorer 7 for Windows Server 2003 (KB2925418) |
| PATCH-15162 | Cumulative Security Update for Internet Explorer 7 in Windows Vista (KB2925418) |
| PATCH-15163 | Cumulative Security Update for Internet Explorer 7 in Windows Server 2008 (KB2925418) |
| PATCH-15164 | Cumulative Security Update for Internet Explorer 7 for Windows XP x64 Edition (KB2925418) |
| PATCH-15165 | Cumulative Security Update for Internet Explorer 7 for Windows Server 2003 x64 Edition (KB2925418) |
| PATCH-15166 | Cumulative Security Update for Internet Explorer 7 in Windows Vista x64 Edition (KB2925418) |
| PATCH-15167 | Cumulative Security Update for Internet Explorer 7 in Windows Server 2008 x64 Edition (KB2925418) |
| PATCH-15168 | Cumulative Security Update for Internet Explorer 8 for Windows XP (KB2925418) |
| PATCH-15169 | Cumulative Security Update for Internet Explorer 8 for Windows Server 2003 (KB2925418) |
| PATCH-15170 | Cumulative Security Update for Internet Explorer 8 in Windows Vista (KB2925418) |
| PATCH-15171 | Cumulative Security Update for Internet Explorer 8 in Windows Server 2008 (KB2925418) |
| PATCH-15172 | Cumulative Security Update for Internet Explorer 8 in Windows 7 (KB2925418) |
| PATCH-15173 | Cumulative Security Update for Internet Explorer 8 for Windows XP x64 Edition (KB2925418) |
| PATCH-15174 | Cumulative Security Update for Internet Explorer 8 for Windows Server 2003 x64 Edition (KB2925418) |
| PATCH-15175 | Cumulative Security Update for Internet Explorer 8 in Windows Vista x64 Edition (KB2925418) |
| PATCH-15176 | Cumulative Security Update for Internet Explorer 8 in Windows Server 2008 x64 Edition (KB2925418) |
| PATCH-15177 | Cumulative Security Update for Internet Explorer 8 in Windows 7 x64 Edition (KB2925418) |
| PATCH-15178 | Cumulative Security Update for Internet Explorer 8 in Windows Server 2008 R2 x64 Edition (KB2925418) |
| PATCH-15179 | Cumulative Security Update for Internet Explorer 9 in Windows Vista (KB2925418) |
| PATCH-15181 | Cumulative Security Update for Internet Explorer 9 in Windows 7 (KB2925418) |
| PATCH-15182 | Cumulative Security Update for Internet Explorer 9 in Windows Vista x64 Edition (KB2925418) |
| PATCH-15183 | Cumulative Security Update for Internet Explorer 9 in Windows Server 2008 x64 Edition (KB2925418) |
| PATCH-15184 | Cumulative Security Update for Internet Explorer 9 in Windows 7 x64 Edition (KB2925418) |
| PATCH-15186 | Cumulative Security Update for Internet Explorer 10 in Windows 7 (KB2925418) |
| PATCH-15187 | Cumulative Security Update for Internet Explorer 10 in Windows 8 (KB2925418) |
| PATCH-15189 | Cumulative Security Update for Internet Explorer 10 in Windows Server 2008 R2 x64 Edition (KB2925418) |
| PATCH-15232 | Cumulative Security Update for Internet Explorer 10 in Windows 8 x64 Edition (KB2925418) |
| PATCH-15233 | Cumulative Security Update for Internet Explorer 10 in Windows Server 2012 x64 Edition (KB2925418) |
| PATCH-15235 | Cumulative Security Update for Internet Explorer 11 for Windows 8.1 (KB2925418) |
| PATCH-15236 | Cumulative Security Update for Internet Explorer 11 in Windows 7 x64 Edition (KB2925418) |
| PATCH-15237 | Cumulative Security Update for Internet Explorer 11 in Windows Server 2008 R2 x64 Edition (KB2925418) |
| PATCH-15238 | Cumulative Security Update for Internet Explorer 11 for Windows 8.1 for x64-based systems (KB2925418) |
| PATCH-15239 | Cumulative Security Update for Internet Explorer 11 for Windows Server 2012 R2 (KB2925418) |
| PATCH-15392 | Cumulative Security Update for Internet Explorer 8 for Windows Server 2003 x64 Edition (KB2925418) |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234