CVE-2014-1776

ENISA EUVD: EUVD-2014-1850 ↗

Exploited in the Wild ✓ Confirmed 0-Day

Triaged: March 20, 2026 2 articles Published: 2014-04-27

VulnLookup ↗ NVD ↗ EUVD ↗ MITRE ↗ CISA KEV ↗

EPSS Score

Source: FIRST.org · 2026-05-24

84.02%

probability

This CVE has a 84.02% probability of being exploited in the next 30 days.

0% Top 99.3th percentile of all CVEs 100%

CVSS v3.1

Source: VulnerabilityLookup (CIRCL)

9.8

CRITICAL

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Description

VulnerabilityLookup (CNA)

Use-after-free vulnerability in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors related to the CMarkup::IsConnectedToPrimaryMarkup function, as exploited in the wild in April 2014. NOTE: this issue originally emphasized VGX.DLL, but Microsoft clarified that "VGX.DLL does not contain the vulnerable code leveraged in this exploit. Disabling VGX.DLL is an exploit-specific workaround that provides an immediate, effective workaround to help block known attacks."

Affected Products

n/a

Attack Intelligence

CWE-118 · Incorrect Access of Indexable Resource ('Range Error') CWE-119 · Buffer Overflow CWE-416 · Use After Free CWE-664 · Improper Control of a Resource Through its Lifetime CWE-666 · Operation on Resource in Wrong Phase of Lifetime CWE-672 · Operation on a Resource after Expiration or Release CWE-825 · Expired Pointer Dereference

http://securitytracker.com/id?1030154

vdb-entry x_refsource_SECTRACK

http://www.osvdb.org/106311

vdb-entry x_refsource_OSVDB

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-021

vendor-advisory x_refsource_MS

http://blogs.technet.com/b/srd/archive/2014/04/30/protection-strategies-for-the-security-advisory-2963983-ie-0day.aspx

x_refsource_CONFIRM

http://secunia.com/advisories/57908

third-party-advisory x_refsource_SECUNIA

http://www.signalsec.com/cve-2014-1776-ie-0day-analysis/

x_refsource_MISC

Signal Intelligence

Confidenceⓘ

82%

EPSS 84.02%

CVSS v3.1 9.8

Mentions 2

Last Seen May 01, 2015

CNA Information

CNA Assigner

microsoft

Analyst Note

CVE-2014-1776 is a critical IE zero-day that Microsoft confirmed in 2014 with active exploitation reported before patch availability. The vulnerability affected all IE versions (6-11) and was widely documented as exploited in the wild prior to remediation, meeting all zero-day criteria.

Threat Actors 2

The Shadow Brokers

apt_group 🇷🇺 RU

Equation Group

apt_group Sabotage and destruction 🇺🇸 US

Triage Info

Decided atMar 20, 2026

Published DateApr 27, 2014