1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. Web Attack: MSIE CVE-2014-8967

Web Attack: MSIE CVE-2014-8967

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects attempts to exploit a remote code execution vulnerability in Microsoft Internet Explorer.

Additional Information

Microsoft Internet Explorer is a web browser available for multiple platforms.

Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Specifically, this issue occurs because, when applying CSS style of 'display:run-in' to a page can cause an object's reference count to fall to zero prematurely, causing the object to be freed.

Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts may result in a denial-of-service condition.

Affected

  • Microsoft Internet Explorer
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube