|CVSS SCORE||7.5, (AV:N/AC:L/Au:N/C:P/I:P/A:P)|
|TIPPINGPOINT™ IPS CUSTOMER PROTECTION||TippingPoint IPS customers are protected against this vulnerability by Digital Vaccine protection filter ID 13787. For further product information on the TippingPoint IPS: http://www.tippingpoint.com|
The specific flaw exists within the ability to trick the broker into loading a malicious page in a privileged context. The issue lies in the implicit trust of navigating to localhost. An attacker can leverage this vulnerability along with proxy shellcode to execute code under the context of the current user at medium integrity.
03/12/2014 - ZDI disclosed to vendor at Pwn2Own/Pwn4Fun
-- Vendor Mitigation:
* Enable Enhanced Protected Mode. For Internet Explorer 10 on Windows 8 or Internet Explorer 11 on Windows 8.1, users can help protect against exploitation of this vulnerability by changing the Advanced Security settings for Internet Explorer. You can do this by enabling Enhanced Protected Mode (EPM) settings in your browser.
* To enable EPM in Internet Explorer, perform the following steps:
|CREDIT||AbdulAziz Hariri of HP Zero Day Initiative
Matt Molinyawe of HP Zero Day Initiative
Jasiel Spelman of HP Zero Day Initiative