CVE-2014-2817

CVSS 8.8 HIGHEPSS 26.3%● KEV

In short

A flaw in Microsoft Internet Explorer versions 6 through 11 allows attackers to gain elevated system privileges by tricking users into visiting a malicious website. This is dangerous because it lets attackers bypass security protections and take full control of the affected computer.

Technical detail

Elevation of privilege vulnerability in IE 6-11 exploitable through specially crafted web content delivered via remote attack vector. Requires user interaction (visiting a malicious site) but results in privilege escalation, allowing attackers to execute arbitrary code with elevated system rights.

Summary generated and translated by AI from the official description.

Microsoft Internet Explorer 6 through 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability."

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected products

n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-051 https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2014-2817 http://www.securityfocus.com/bid/69092 http://www.securitytracker.com/id/1030715