Lucene search
HistoryOct 15, 2014 - 10:55 a.m.
CVE-2014-4122
microsoft
.net framework
aslr
vulnerability
nvd
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
6.1 Medium
AI Score
Confidence
Low
0.019 Low
EPSS
Percentile
88.7%
Microsoft .NET Framework 2.0 SP2, 3.5, and 3.5.1 omits the ASLR protection mechanism, which allows remote attackers to obtain potentially sensitive information about memory addresses by leveraging the predictability of an executable image’s location, aka “.NET ASLR Vulnerability.”
Affected configurations
Node
microsoft.net_frameworkMatch2.0sp2
ORmicrosoft.net_frameworkMatch3.5
ORmicrosoft.net_frameworkMatch3.5.1
Related
symantec
symantec
Microsoft .NET Framework CVE-2014-4122 ASLR Security Bypass Vulnerability
2014-10-14 00:00:00
nvd
nvd
CVE-2014-4122
2014-10-15 10:55:07
cvelist
cvelist
CVE-2014-4122
2014-10-15 10:00:00
prion
prion
Design/Logic Flaw
2014-10-15 10:55:00
nessus
nessus
mskb
mskb
openvas
openvas
Microsoft .NET Framework Remote Code Execution Vulnerability (3000414)
2014-10-15 00:00:00
kaspersky
kaspersky
KLA10603 Multiple vulnerabilities in Microsoft .NET Framework
2014-11-11 00:00:00
securityvulns
securityvulns
Microsoft Windows multiple security vulnerabilities
2014-10-15 00:00:00
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
6.1 Medium
AI Score
Confidence
Low
0.019 Low
EPSS
Percentile
88.7%
Related for CVE-2014-4122