Die siberas GmbH ein auf Sicherheitsanalysen und Penetrationstests spezialisiertes Beratungsunternehmen, welches Sie herstellerunabhängig und kompetent im Bereich IT-Sicherheit berät.
(Pwn2Own) Microsoft Internet Explorer Remote Code Execution Vulnerability
Reference ID: SSA-1401Affected products/versions: Microsoft Internet Explorer 11
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw happens during manipulations of the DOM tree. An attacker can leverage this vulnerability to execute code under the context of the current process.
References:
CVE-2014-1766
Microsoft Security Bulletin MS14-035