CVE-2014-1765

Multiple use-after-free vulnerabilities in Microsoft Internet Explorer 6 through 11 allow remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by Sebastian Apelt and Andreas Schmidt during a Pwn2Own competition at CanSecWest 2014.

Date published : 2014-04-27

Congratulations to Sebastian Apelt and Andreas Schmidt; Microsoft, prepare once more for #pwn2own disclosure. Next match at 3pm.

— Zero Day Initiative (@thezdi) March 13, 2014

http://www.pwn2own.com/2014/03/pwn2own-results-thursday-day-two/