Lucene search
HistoryNov 11, 2014 - 10:55 p.m.
CVE-2014-4149
microsoft
.net framework
typefilterlevel
vulnerability
cve-2014-4149
nvd
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
7.6 High
AI Score
Confidence
Low
0.381 Low
EPSS
Percentile
97.2%
Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2 does not properly perform TypeFilterLevel checks, which allows remote attackers to execute arbitrary code via crafted data to a .NET Remoting endpoint, aka “TypeFilterLevel Vulnerability.”
Affected configurations
Node
microsoft.net_frameworkMatch1.1sp1
ORmicrosoft.net_frameworkMatch2.0sp2
ORmicrosoft.net_frameworkMatch3.5
ORmicrosoft.net_frameworkMatch3.5.1
ORmicrosoft.net_frameworkMatch4.0
ORmicrosoft.net_frameworkMatch4.5
ORmicrosoft.net_frameworkMatch4.5.1
ORmicrosoft.net_frameworkMatch4.5.2
Related
cvelist
cvelist
CVE-2014-4149
2014-11-11 22:00:00
mskb
mskb
prion
prion
Security feature bypass
2014-11-11 22:55:00
nessus
nessus
nvd
nvd
CVE-2014-4149
2014-11-11 22:55:04
symantec
symantec
openvas
openvas
Microsoft .NET Framework Privilege Elevation Vulnerability (3005210)
2014-11-12 00:00:00
exploitpack
exploitpack
.NET Remoting Services - Remote Command Execution
2014-11-17 00:00:00
exploitdb
exploitdb
.NET Remoting Services - Remote Command Execution
2014-11-17 00:00:00
kaspersky
kaspersky
KLA10603 Multiple vulnerabilities in Microsoft .NET Framework
2014-11-11 00:00:00
securityvulns
securityvulns
Microsoft Windows multiple security vulnerabilities
2015-08-24 00:00:00
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
7.6 High
AI Score
Confidence
Low
0.381 Low
EPSS
Percentile
97.2%
Related for CVE-2014-4149