ゼットスケーラーのセキュリティアドバイザリ

セキュリティ アドバイザリー - March 11, 2014

Zscaler Protects against Internet Explorer Memory Corruption Vulnerability

Zscaler, working with Microsoft through their MAPPs program, has proactively deployed protections for the following 17 vulnerabilities included in the March 2014 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the March release and deploy additional protections as necessary.

MS14-012Internet Explorer Memory Corruption Vulnerability
Severity: Critical
Affected Software

  • Internet Explorer 6-11

CVE-2014-0297 – IE Memory Corruption Vulnerability
CVE-2014-0298 – IE Memory Corruption Vulnerability
CVE-2014-0299 – IE Memory Corruption Vulnerability
CVE-2014-0302 – IE Memory Corruption Vulnerability
CVE-2014-0303 – IE Memory Corruption Vulnerability
CVE-2014-0304 – IE Memory Corruption Vulnerability
CVE-2014-0305 – IE Memory Corruption Vulnerability
CVE-2014-0306 – IE Memory Corruption Vulnerability
CVE-2014-0307 – IE Memory Corruption Vulnerability
CVE-2014-0308 – IE Memory Corruption Vulnerability
CVE-2014-0309 – IE Memory Corruption Vulnerability
CVE-2014-0311 – IE Memory Corruption Vulnerability
CVE-2014-0312 – IE Memory Corruption Vulnerability
CVE-2014-0313 – IE Memory Corruption Vulnerability
CVE-2014-0314 – IE Memory Corruption Vulnerability
CVE-2014-0321 – IE Memory Corruption Vulnerability
CVE-2014-0322 – IE Memory Corruption Vulnerability
CVE-2014-0324 – IE Memory Corruption Vulnerability

Description: Remote code execution vulnerabilities exist when Internet Explorer improperly accesses objects in memory. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.