CVE-2014-1783

Microsoft Internet Explorer 9-11 - Memory Corruption

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2014-1783.

AI-analyzed exploit summary This HTML/JavaScript PoC demonstrates a use-after-free vulnerability in Internet Explorer 9/10 (CVE-2014-1783) by manipulating the CFormElement object via the DoClick function, leading to memory corruption. The exploit triggers the vulnerability by freeing the CFormElement object and then writing to the freed memory.

Description

Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-1773, CVE-2014-1784, CVE-2014-1786, CVE-2014-1795, CVE-2014-1805, CVE-2014-2758, CVE-2014-2759, CVE-2014-2765, CVE-2014-2766, and CVE-2014-2775.

Exploits (1)

exploitdb WORKING POC

htmldoswindows_x86

https://www.exploit-db.com/exploits/34010

View Code ZIP pw:eip

This HTML/JavaScript PoC demonstrates a use-after-free vulnerability in Internet Explorer 9/10 (CVE-2014-1783) by manipulating the CFormElement object via the DoClick function, leading to memory corruption. The exploit triggers the vulnerability by freeing the CFormElement object and then writing to the freed memory.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Internet Explorer 9, 10

No auth needed

Prerequisites: Victim must visit a malicious webpage using Internet Explorer 9 or 10

MITRE ATT&CK

T1189 - Drive-by Compromise

devstral-2 · analyzed Feb 19, 2026 Full analysis →

References (3)

Core 3

Core References

VDB Entry vdb-entry x_refsource_sectrack

http://www.securitytracker.com/id/1030370

Vendor Advisory vendor-advisory x_refsource_ms

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-035

VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/67876

Scores

EPSS 0.4996

EPSS Percentile 97.9%

Details

CWE

CWE-119

Status published

Products (3)

microsoft/internet_explorer 9

microsoft/internet_explorer 10

microsoft/internet_explorer 11

Published Jun 11, 2014

Tracked Since Feb 18, 2026