Arbitrary Code Execution and Sandbox Bypass Vulnerability in Microsoft Internet Explorer 7-11

Arbitrary Code Execution and Sandbox Bypass Vulnerability in Microsoft Internet Explorer 7-11

CVE-2014-1764 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code and bypass a sandbox protection mechanism by leveraging "object confusion" in a broker process, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2014.

Learn more about our Web Application Penetration Testing UK.