admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 09:11:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2014/CVE-2014-41xx/CVE-2014-4149.json
René Helmke 7791f18b51 bootstrap
2023-05-16 16:09:41 +02:00

125 lines
4.2 KiB
JSON
Raw Blame History

{
"id": "CVE-2014-4149",
"sourceIdentifier": "secure@microsoft.com",
"published": "2014-11-11T22:55:04.857",
"lastModified": "2018-10-12T22:07:27.817",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2 does not properly perform TypeFilterLevel checks, which allows remote attackers to execute arbitrary code via crafted data to a .NET Remoting endpoint, aka \"TypeFilterLevel Vulnerability.\""
},
{
"lang": "es",
"value": "Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, y 4.5.2 no realiza debidamente las comprobaciones TypeFilterLevel, lo que permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de datos manipulados en un endpoint .NET Remoting, tambi\u00e9n conocido como 'vulnerabilidad de TypeFilterLevel.'"
}
],
"metrics": {
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"accessVector": "NETWORK",
"accessComplexity": "MEDIUM",
"authentication": "NONE",
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3
},
"baseSeverity": "HIGH",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:1.1:sp1:*:*:*:*:*:*",
"matchCriteriaId": "0BF6AE15-EAC3-4100-A742-211026C79CCC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:2.0:sp2:*:*:*:*:*:*",
"matchCriteriaId": "42A6DF09-B8E1-414D-97E7-453566055279"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E039CE1F-B988-4741-AE2E-5B36E2AF9688"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:3.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8EDC4407-7E92-4E60-82F0-0C87D1860D3A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "792B417F-96A0-4E9D-9E79-5D7F982E2225"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "61FAD9EE-FA7F-4B39-8A9B-AFFAEC8BF214"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:4.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "299DBEAE-1829-47A9-B09E-4AF327831B69"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:4.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "40B3A045-B08A-44E0-91BE-726753F6A362"
}
]
}
]
}
],
"references": [
{
"url": "http://blogs.technet.com/b/srd/archive/2014/11/11/ms14-072-net-remoting-elevation-of-privilege-vulnerability.aspx",
"source": "secure@microsoft.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://www.securitytracker.com/id/1031188",
"source": "secure@microsoft.com"
},
{
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-072",
"source": "secure@microsoft.com"
}
]
}
Reference in New Issue View Git Blame Copy Permalink