CVE-2014-4123

Published: Oct 15, 2014Modified: Apr 21, 2026CISA KEV

8.8

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Exploitability: 2.8 / Impact: 5.9

Source: NVD

Description

Microsoft Internet Explorer 7 through 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability," as exploited in the wild in October 2014, a different vulnerability than CVE-2014-4124.

Affected (5)

Products: Microsoft: Internet Explorer

Microsoft

1 product

Internet Explorer

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Microsoft Internet Explorer	Version 7

Configuration B

1 vulnerable · 2 platform

Vulnerable Software	Affected Versions
Microsoft Internet Explorer	Version 8

Running on/with	Platform Versions
Microsoft Windows Server 2003	All versions
Microsoft Windows Server 2008	Version r2 sp1

Configuration C

1 vulnerable · 2 platform

Vulnerable Software	Affected Versions
Microsoft Internet Explorer	Version 9

Running on/with	Platform Versions
Microsoft Windows Server 2008	All versions
Microsoft Windows Vista	All versions

Configuration D

1 vulnerable · 3 platform

Vulnerable Software	Affected Versions
Microsoft Internet Explorer	Version 10

Running on/with	Platform Versions
Microsoft Windows 8	All versions
Microsoft Windows Rt	All versions
Microsoft Windows Server 2012	All versions

Configuration E

1 vulnerable · 5 platform

Vulnerable Software	Affected Versions
Microsoft Internet Explorer	Version 11

Running on/with	Platform Versions
Microsoft Windows 7	All versions
Microsoft Windows 8.1	All versions
Microsoft Windows Rt 8.1	All versions
Microsoft Windows Server 2008	Version r2 sp1
Microsoft Windows Server 2012	Version r2