Lucene search
HistoryFeb 12, 2014 - 4:50 a.m.
CVE-2014-0295
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
7.3 High
AI Score
Confidence
Low
0.034 Low
EPSS
Percentile
91.5%
VsaVb7rt.dll in Microsoft .NET Framework 2.0 SP2 and 3.5.1 does not implement the ASLR protection mechanism, which makes it easier for remote attackers to execute arbitrary code via a crafted web site, as exploited in the wild in February 2014, aka “VSAVB7RT ASLR Vulnerability.”
Affected configurations
Node
microsoft.net_frameworkMatch2.0sp2
ORmicrosoft.net_frameworkMatch3.5.1
Related
prion
prion
Design/Logic Flaw
2014-02-12 04:50:00
seebug
seebug
Microsoft .NET Framework ASLR安全限制绕过漏洞(CVE-2014-0295)(MS14-009)
2014-02-13 00:00:00
symantec
symantec
Microsoft .NET Framework CVE-2014-0295 ASLR Security Bypass Vulnerability
2014-02-11 00:00:00
cve
cve
CVE-2014-0295
2014-02-12 04:50:41
cvelist
cvelist
CVE-2014-0295
2014-02-12 02:00:00
nessus
nessus
openvas
openvas
Microsoft .NET Framework Multiple Vulnerabilities (2916607)
2014-02-12 00:00:00
Microsoft .NET Framework Multiple Vulnerabilities (2916607)
2014-02-12 00:00:00
mskb
mskb
securityvulns
securityvulns
Microsoft Windows multiple security vulnerabilities
2014-02-11 00:00:00
kaspersky
kaspersky
KLA10603 Multiple vulnerabilities in Microsoft .NET Framework
2014-11-11 00:00:00
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
7.3 High
AI Score
Confidence
Low
0.034 Low
EPSS
Percentile
91.5%
Related for NVD:CVE-2014-0295