Security Update for Microsoft .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2 (KB2901110) x86 based systems

Risk Information

Base Score

7.4

MODERATE

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N/E:F/RL:O/RC:C

EPSS Score

Exploitation Probability

No records found

CVE Information

Source CVE
CVE-2014-0253

Associated CVE
CVE-2014-0253
CVE-2014-0295
CVE-2014-0257

Patch Details

Patch associated with this vulnerability is supported by ManageEngine.

Patch ID
15009

Patch Description
Security Update for Microsoft .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2 (KB2901110)

References

http://osvdb.org/103162
http://osvdb.org/103164
http://packetstormsecurity.com/files/127246/MS14-009-.NET-Deployment-Service-IE-Sandbox-Escape.html
http://secunia.com/advisories/56793
http://technet.microsoft.com/security/bulletin/MS14-009
http://www.exploit-db.com/exploits/33892
http://www.greyhathacker.net/?p=585
http://www.osvdb.org/103163
http://www.securityfocus.com/bid/65415
http://www.securityfocus.com/bid/65417
http://www.securityfocus.com/bid/65418
http://www.securitytracker.com/id/1029745