CVE-2014-1802

Microsoft Internet Explorer 10-11 - Memory Corruption

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2014-1802.

AI-analyzed exploit summary This HTML/JavaScript PoC demonstrates a use-after-free vulnerability in Internet Explorer 9/10 (CVE-2014-1802) by manipulating the DOM to free a CFormElement object while still referencing it, leading to memory corruption. The exploit triggers the vulnerability via the DoClick function, causing writes to freed memory.

Description

Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-1772, CVE-2014-1780, CVE-2014-1794, CVE-2014-1797, CVE-2014-2756, CVE-2014-2763, CVE-2014-2764, CVE-2014-2769, and CVE-2014-2771.

Exploits (1)

exploitdb WORKING POC

htmldoswindows_x86

https://www.exploit-db.com/exploits/34010

View Code ZIP pw:eip

This HTML/JavaScript PoC demonstrates a use-after-free vulnerability in Internet Explorer 9/10 (CVE-2014-1802) by manipulating the DOM to free a CFormElement object while still referencing it, leading to memory corruption. The exploit triggers the vulnerability via the DoClick function, causing writes to freed memory.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Microsoft Internet Explorer 9, 10

No auth needed

Prerequisites: Victim must visit a malicious webpage using Internet Explorer 9 or 10

MITRE ATT&CK

T1189 - Drive-by Compromise

devstral-2 · analyzed Feb 19, 2026 Full analysis →

References (3)

Core 3

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://www.securitytracker.com/id/1030370

Vendor Advisory vendor-advisory x_refsource_ms

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-035

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/67833

Scores

EPSS 0.5190

EPSS Percentile 98.0%

Details

CWE

CWE-119

Status published

Products (2)

microsoft/internet_explorer 10

microsoft/internet_explorer 11

Published Jun 11, 2014

Tracked Since Feb 18, 2026