Severity Rating: Critical
Revision Note: V1.1 (May 1, 2014): Bulletin revised to specify that the latest cumulative security update for Internet Explorer must be installed prior to installing MS14-021. See the Update FAQ for details.
Summary: This security update resolves a publicly disclosed vulnerability in Internet Explorer. The vulnerability could allow remote code execution if a user views a specially crafted webpage using an affected version of Internet Explorer. An attacker who successfully exploited this vulnerability could gain the same user rights as the current user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Monthly Archives: April 2014
Microsoft Internet Explorer Use After Free Vulnerability
A memory corruption vulnerability exists in Microsoft Internet Explorer 6, 7, 8, 9, 10 and 11 and can lead to remote code execution. Exploitation of this vulnerability has been observed in targeted attacks, such as “Operation Clandestine Fox.”
CVE-2014-1776 (internet_explorer)
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors related to the CMarkup::IsConnectedToPrimaryMarkup function, as exploited in the wild in April 2014. NOTE: this issue originally emphasized VGX.DLL, but Microsoft clarified that “VGX.DLL does not contain the vulnerable code leveraged in this exploit. Disabling VGX.DLL is an exploit-specific workaround that provides an immediate, effective workaround to help block known attacks.”
CVE-2014-1765 (internet_explorer)
Multiple use-after-free vulnerabilities in Microsoft Internet Explorer 6 through 11 allow remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by Sebastian Apelt and Andreas Schmidt during a Pwn2Own competition at CanSecWest 2014.
CVE-2014-3007
Python Image Library (PIL) 1.1.7 and earlier and Pillow 2.3 might allow remote attackers to execute arbitrary commands via shell metacharacters in unspecified vectors related to CVE-2014-1932, possibly JpegImagePlugin.py. (CVSS:10.0) (Last Update:2014-04-28)
Apache Struts ParametersInterceptor security bypass
A vulnerability in Apache Struts, can allow an attacker to send HTTP requests and achieve remote code execution on the server, i.e. the attacker attains the privilege of running any code in the environment that the web server is running. A proof-of-concept (PoC) exploit has been found to be available in the public domain.
CVE-2014-2327 (cacti, debian_linux, opensuse)
Cross-site request forgery (CSRF) vulnerability in Cacti 0.8.7g, 0.8.8b, and earlier allows remote attackers to hijack the authentication of users for unspecified commands, as demonstrated by requests that (1) modify binary files, (2) modify configurations, or (3) add arbitrary users.
CVE-2014-2328 (cacti, debian_linux, fedora, opensuse)
lib/graph_export.php in Cacti 0.8.7g, 0.8.8b, and earlier allows remote authenticated users to execute arbitrary commands via shell metacharacters in unspecified vectors.
CVE-2014-2893 (clang, opensuse)
The GetHTMLRunDir function in the scan-build utility in Clang 3.5 and earlier allows local users to obtain sensitive information or overwrite arbitrary files via a symlink attack on temporary directories with predictable names.
CVE-2014-0474
The (1) FilePathField, (2) GenericIPAddressField, and (3) IPAddressField model field classes in Django before 1.4.11, 1.5.x before 1.5.6, 1.6.x before 1.6.3, and 1.7.x before 1.7 beta 2 do not properly perform type conversion, which allows remote attackers to have unspecified impact and vectors, related to “MySQL typecasting.” (CVSS:10.0) (Last Update:2014-05-31)