History: Nov 11, 2014 - 12:00 a.m.

KLA10601 Multiple vulnerabilities in Microsoft products

2014-11-11 00:00:00
Kaspersky Lab
threats.kaspersky.com
CVSS2: 10 High

Attack Vector: NETWORK
Attack Complexity: LOW
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS3: 8.8 High

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: REQUIRED
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score: 8.8 High (Confidence: High)

EPSS: 0.974 High (Percentile: 99.9%)

Multiple serious vulnerabilities have been found in Microsoft products. Malicious users can exploit these vulnerabilities to bypass security restrictions, cause denial of service, gain privileges, execute arbitrary code or obtain sensitive information.

Below is a complete list of vulnerabilities:

  1. Improper input validation can be exploited locally via a specially designed input;
  2. Improper thread handling can be exploited locally via unknown vectors;
  3. Improper handling of 2D figures can be exploited remotely via specially designed files;
  4. Improper parsing of JPEG files can be exploited remotely via a specially designed file or memory manipulations;
  5. An unknown vulnerability can be exploited remotely via specially designed web content;
  6. An unknown vulnerability can be exploited remotely via vectors related to IPv6;
  7. Improper handling of objects in memory can be exploited remotely via unknown vectors;
  8. Improper handling of file associations can be exploited remotely via vectors related to Windows Shell;
  9. Improper user state validation can be exploited remotely via vectors related to SAMR;
  10. Improper handling of iSCSI packets can be exploited remotely via unknown vectors;
  11. An unknown vulnerability can be exploited remotely via vectors related to RDP, On-Screen Keyboard, DirectShow, Internet Explorer, Microsoft IME for Japanese and Task Scheduler;
  12. Improper processing of .bat or .cmd files can be exploited locally via DLL hijack;
  13. Improper password handling can be exploited remotely via share access;
  14. Improper TCP implementation can be exploited remotely via a specially designed TCP header;
  15. Use-after-free can be exploited remotely via a specially designed Office document;
  16. Improper font file restrictions can be exploited locally via a specially designed file;
  17. Improper signature validation can be exploited remotely via vectors related to Kerberos KDC;
  18. Memory leak can be exploited remotely via a specially designed client;
  19. Double free vulnerability can be exploited locally via a specially designed application;
  20. An unknown vulnerability can be exploited via a specially designed application;
  21. Improper address validation can be exploited locally via a specially designed IOCTL call;
  22. Improper XML handling can be exploited remotely via specially designed XML content;
  23. Improper permissions validation can be exploited remotely via vectors related to Microsoft audio component;
  24. Improper handling of failed login attempts can be exploited via vectors related to RDP;
  25. Improper memory allocation can be exploited remotely via a specially designed USB device;
  26. An unknown vulnerability can be exploited remotely via a specially designed OLE object;
  27. Improper packet handling can be exploited remotely via vectors related to Secure Channel;
  28. An unknown vulnerability can be exploited remotely via a specially designed Journal.

Original advisories

CVE-2014-1816

CVE-2014-6532

CVE-2014-0266

CVE-2014-4076

CVE-2014-6321

CVE-2014-6322

CVE-2014-6324

CVE-2014-1767

CVE-2014-4077

CVE-2014-4074

CVE-2014-1807

CVE-2013-5065

CVE-2014-0300

CVE-2014-0323

CVE-2014-4971

CVE-2014-0301

CVE-2014-0262

CVE-2014-0263

CVE-2014-4115

CVE-2014-4113

CVE-2014-0315

CVE-2014-0316

CVE-2014-0317

CVE-2014-0255

CVE-2014-0318

CVE-2014-4118

CVE-2014-6352

CVE-2014-6332

CVE-2014-0296

CVE-2014-0256

CVE-2014-1811

CVE-2014-0254

CVE-2014-1819

CVE-2014-6355

CVE-2014-2780

CVE-2014-2781

CVE-2014-1812

CVE-2014-4064

CVE-2014-6318

CVE-2014-1814

CVE-2014-4060

CVE-2014-1824

CVE-2014-6317

CVE-2014-4114

CVE-2014-4148

Exploitation

Public exploits exist for this vulnerability.

Malware exists for this vulnerability. Usually such malware is classified as Exploit.

Related products

Microsoft-Windows-Vista-4

Microsoft-Windows-Server-2012

Microsoft-Windows-8

Microsoft-Windows-7

Microsoft-Windows-Server-2008

Microsoft-Windows-Server-2003

Windows-RT

Microsoft-Windows-XP

CVE list

CVE-2014-1816 warning

CVE-2014-6532 critical

CVE-2014-0266 high

CVE-2014-4076 high

CVE-2014-6321 critical

CVE-2014-6322 warning

CVE-2014-6324 critical

CVE-2014-1767 high

CVE-2014-4077 critical

CVE-2014-4074 high

CVE-2014-1807 high

CVE-2013-5065 high

CVE-2014-0300 high

CVE-2014-0323 high

CVE-2014-4971 high

CVE-2014-0301 critical

CVE-2014-0262 high

CVE-2014-0263 critical

CVE-2014-4115 high

CVE-2014-4113 high

CVE-2014-0315 high

CVE-2014-0316 high

CVE-2014-0317 high

CVE-2014-0255 warning

CVE-2014-0318 high

CVE-2014-4118 critical

CVE-2014-6352 critical

CVE-2014-6332 critical

CVE-2014-0296 high

CVE-2014-0256 warning

CVE-2014-1811 warning

CVE-2014-0254 high

CVE-2014-1819 high

CVE-2014-6355 warning

CVE-2014-2780 high

CVE-2014-2781 high

CVE-2014-1812 critical

CVE-2014-4064 warning

CVE-2014-6318 warning

CVE-2014-1814 high

CVE-2014-4060 high

CVE-2014-1824 critical

CVE-2014-6317 high

CVE-2014-4114 critical

CVE-2014-4148 critical

KB list

2966631

2957482

2966061

2939576

2922229

2973201

2975689

2957189

3013126

2969259

2929961

3010788

2984615

2914368

3003743

3002885

2904659

2961858

3005607

2962490

2592687

2966034

2993958

2988948

2961072

2926765

2973932

2962123

2998579

2989935

2973906

2961899

2933826

2962478

2975685

2975684

2916036

2975681

2978742

2933528

2934418

2993254

2978668

2974286

2928120

2991963

2992611

3000869

3011443

2923392

2962488

2918614

2962485

2889913

2912390

2962486

2930275

2919355

2965788

2972280

2962073

2971850

2992719

2993651

3000061

2913602

2976897

2973408

3006226

3011780

Solution

Install the necessary updates from the KB section that are listed in your Windows Update (Windows Update can usually be accessed from the Control Panel).

Impacts

  • ACE

Arbitrary code execution. Exploitation of vulnerabilities with this impact can allow an attacker to execute any code or commands on the vulnerable machine or process.

  • OSI

Obtain sensitive information. Exploitation of vulnerabilities with this impact can allow an attacker to capture information that is critical for the user or system.

  • DoS

Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or a critical functional fault.

  • SB

Security bypass. Exploitation of vulnerabilities with this impact can allow actions that are restricted by the current security settings.

  • WLF

Write Local Files. Exploitation of vulnerabilities with this impact can lead to writing into some otherwise inaccessible files. Which files can be read depends on the specific program errors.

  • PE

Privilege escalation. Exploitation of vulnerabilities with this impact can allow an attacker to perform actions that are normally disallowed for the current role.

  • RLF

Read Local Files. Exploitation of vulnerabilities with this impact can lead to reading some otherwise inaccessible files. Which files can be read depends on the specific program errors.

  • SUI

Spoof user interface. Exploitation of vulnerabilities with this impact can lead to changes in the user interface that beguile the user into inaccurate behavior.

  • LoI

Loss of integrity. Exploitation of vulnerabilities with this impact can lead to a partial system fault or disruption of connections between system components.

Affected Products

  • Windows XP Service Pack 3
  • Windows XP Professional x64 Service Pack 3
  • Windows Server 2003 x86, x64, Itanium Service Pack 2
  • Windows Vista x86, x64 Service Pack 2
  • Windows Server 2008 x86, x64, Itanium Service Pack 2
  • Windows 7 x86, x64 Service Pack 1
  • Windows Server 2008 R2 x64, Itanium Service Pack 1
  • Windows 8 x86, x64
  • Windows 8.1 x86, x64
  • Windows Server 2012
  • Windows Server 2012 R2
  • Windows RT
  • Windows RT 8.1
