CVE-2014-2759
Microsoft Internet Explorer 9-11 - Remote Code Execution via Memory Corruption
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2014-2759.
AI-analyzed exploit summary This is a functional proof-of-concept for a use-after-free vulnerability in Internet Explorer 9 and 10, where a freed CFormElement object is accessed, leading to memory corruption. The exploit triggers the vulnerability by manipulating the DOM and forcing a click event on an input element after its parent form is removed.
Description
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-1773, CVE-2014-1783, CVE-2014-1784, CVE-2014-1786, CVE-2014-1795, CVE-2014-1805, CVE-2014-2758, CVE-2014-2765, CVE-2014-2766, and CVE-2014-2775.
Exploits (1)
This is a functional proof-of-concept for a use-after-free vulnerability in Internet Explorer 9 and 10, where a freed CFormElement object is accessed, leading to memory corruption. The exploit triggers the vulnerability by manipulating the DOM and forcing a click event on an input element after its parent form is removed.