Lucene search
HistoryFeb 12, 2014 - 4:50 a.m.
CVE-2014-0295
cve-2014-0295
microsoft .net framework
aslr
vsavb7rt
vulnerability
nvd
remote code execution
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
7.5 High
AI Score
Confidence
Low
0.034 Low
EPSS
Percentile
91.5%
VsaVb7rt.dll in Microsoft .NET Framework 2.0 SP2 and 3.5.1 does not implement the ASLR protection mechanism, which makes it easier for remote attackers to execute arbitrary code via a crafted web site, as exploited in the wild in February 2014, aka “VSAVB7RT ASLR Vulnerability.”
Affected configurations
Node
microsoft.net_frameworkMatch2.0sp2
ORmicrosoft.net_frameworkMatch3.5.1
| CPE | Name | Operator | Version |
|---|---|---|---|
| microsoft:.net_framework | microsoft .net framework | eq | 2.0 |
| microsoft:.net_framework | microsoft .net framework | eq | 3.5.1 |
Related
prion
prion
Design/Logic Flaw
2014-02-12 04:50:00
symantec
symantec
Microsoft .NET Framework CVE-2014-0295 ASLR Security Bypass Vulnerability
2014-02-11 00:00:00
nvd
nvd
CVE-2014-0295
2014-02-12 04:50:41
cvelist
cvelist
CVE-2014-0295
2014-02-12 02:00:00
seebug
seebug
Microsoft .NET Framework ASLR安全限制绕过漏洞(CVE-2014-0295)(MS14-009)
2014-02-13 00:00:00
nessus
nessus
openvas
openvas
Microsoft .NET Framework Multiple Vulnerabilities (2916607)
2014-02-12 00:00:00
Microsoft .NET Framework Multiple Vulnerabilities (2916607)
2014-02-12 00:00:00
mskb
mskb
securityvulns
securityvulns
Microsoft Windows multiple security vulnerabilities
2014-02-11 00:00:00
kaspersky
kaspersky
KLA10603 Multiple vulnerabilities in Microsoft .NET Framework
2014-11-11 00:00:00
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
7.5 High
AI Score
Confidence
Low
0.034 Low
EPSS
Percentile
91.5%
Related for CVE-2014-0295