CVE-2014-0307
Microsoft Internet Explorer 9 - Use After Free
Title source: llmDescription
Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a certain sequence of manipulations of a TextRange element, aka "Internet Explorer Memory Corruption Vulnerability."
Exploits (2)
exploitdb
WORKING POC
VERIFIED
by Metasploit · rubyremotewindows
https://www.exploit-db.com/exploits/32438
metasploit
WORKING POC
NORMAL
by Jason Kratzer, sinn3r · rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/browser/ms14_012_textrange.rb
Scores
EPSS
0.8639
EPSS Percentile
99.4%
Details
CWE
CWE-119
CWE-416
Status
published
Products (1)
microsoft/internet_explorer
9
Published
Mar 12, 2014
Tracked Since
Feb 18, 2026