mirror of
https://github.com/0xMarcio/cve.git
synced 2025-06-19 17:30:12 +00:00
1.8 KiB
1.8 KiB
CVE-2014-1776
Description
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors related to the CMarkup::IsConnectedToPrimaryMarkup function, as exploited in the wild in April 2014. NOTE: this issue originally emphasized VGX.DLL, but Microsoft clarified that "VGX.DLL does not contain the vulnerable code leveraged in this exploit. Disabling VGX.DLL is an exploit-specific workaround that provides an immediate, effective workaround to help block known attacks."
POC
Reference
Github
- https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections
- https://github.com/Flerov/WindowsExploitDev
- https://github.com/Lookingglass/Maltego
- https://github.com/Ostorlab/KEV
- https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors
- https://github.com/cranelab/exploit-development
- https://github.com/emtee40/APT_CyberCriminal_Campagin_Collections
- https://github.com/eric-erki/APT_CyberCriminal_Campagin_Collections
- https://github.com/iwarsong/apt
- https://github.com/jvdroit/APT_CyberCriminal_Campagin_Collections
- https://github.com/likescam/APT_CyberCriminal_Campagin_Collections
- https://github.com/likescam/CyberMonitor-APT_CyberCriminal_Campagin_Collections
- https://github.com/paulveillard/cybersecurity-exploit-development
- https://github.com/sumas/APT_CyberCriminal_Campagin_Collections
- https://github.com/zha0/Maltego