Executive Summary

Summary
TitleVulnerabilities in .NET Framework Could Allow Remote Code Execution (3000414)
Informations
NameMS14-057First vendor Publication2014-10-14
VendorMicrosoftLast vendor Modification2014-12-10
Severity (Vendor) CriticalRevision1.1

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score10Attack RangeNetwork
Cvss Impact Score10Attack ComplexityLow
Cvss Expoit Score10AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

Severity Rating: Critical
Revision Note: V1.1 (December 10, 2014): Bulletin revised to correct update replacement entries for Microsoft .NET Framework 4.5/4.5.1/4.5.2 (update 2972107)
Summary: This security update resolves three privately reported vulnerabilities in Microsoft .NET Framework. The most severe of the vulnerabilities could allow remote code execution if an attacker sends a specially crafted URI request containing international characters to a .NET web application, causing ASP.NET to generate incorrectly constructed URIs. In .NET 4.0 applications, the vulnerable functionality (iriParsing) is disabled by default; for the vulnerability to be exploitable an application has to explicitly enable this functionality. In .NET 4.5 applications, iriParsing is enabled by default and cannot be disabled.

Original Source

Url : https://technet.microsoft.com/en-us/library/security/MS14-057

CWE : Common Weakness Enumeration

%idName
67 %CWE-264Permissions, Privileges, and Access Controls
33 %CWE-399Resource Management Errors

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:26910
 
Oval ID: oval:org.mitre.oval:def:26910
Title: .NET ClickOnce elevation of privilege vulnerability - CVE-2014-4073 (MS14-057)
Description: Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2 processes unverified data during interaction with the ClickOnce installer, which allows remote attackers to gain privileges via vectors involving Internet Explorer, aka ".NET ClickOnce Elevation of Privilege Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2014-4073
Version: 4
Platform(s): Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Vista
Microsoft Windows 8.1
Microsoft Windows Server 2012 R2
Product(s): Microsoft .NET Framework 2.0
Microsoft .NET Framework 3.5.1
Microsoft .NET Framework 4.0
Microsoft .NET Framework 4.5
Microsoft .NET Framework 4.5.1
Microsoft .NET Framework 4.5.2
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26903
 
Oval ID: oval:org.mitre.oval:def:26903
Title: .NET ASLR vulnerability - CVE-2014-4122 (MS14-057)
Description: Microsoft .NET Framework 2.0 SP2, 3.5, and 3.5.1 omits the ASLR protection mechanism, which allows remote attackers to obtain potentially sensitive information about memory addresses by leveraging the predictability of an executable image's location, aka ".NET ASLR Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2014-4122
Version: 3
Platform(s): Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Vista
Microsoft Windows 8.1
Microsoft Windows Server 2012 R2
Product(s): Microsoft .NET Framework 2.0
Microsoft .NET Framework 3.5.1
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26757
 
Oval ID: oval:org.mitre.oval:def:26757
Title: .NET Framework remote code execution vulnerability - CVE-2014-4121 (MS14-057)
Description: Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2 does not properly parse internationalized resource identifiers, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted request to a .NET web application, aka ".NET Framework Remote Code Execution Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2014-4121
Version: 4
Platform(s): Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Vista
Microsoft Windows 8.1
Microsoft Windows Server 2012 R2
Product(s): Microsoft .NET Framework 2.0
Microsoft .NET Framework 3.5.1
Microsoft .NET Framework 4.0
Microsoft .NET Framework 4.5
Microsoft .NET Framework 4.5.1
Microsoft .NET Framework 4.5.2
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application7

Information Assurance Vulnerability Management (IAVM)

DateDescription
2014-10-16IAVM : 2014-A-0147 - Multiple Vulnerabilities in Microsoft .NET Framework
Severity : Category I - VMSKEY : V0055427

Snort® IPS/IDS

DateDescription
2015-10-06Microsoft System.Uri heap corruption attempt
RuleID : 35858 - Revision : 4 - Type : FILE-OTHER
2015-10-06Microsoft System.Uri heap corruption attempt
RuleID : 35857 - Revision : 4 - Type : FILE-OTHER
2014-11-16Microsoft System.Uri heap corruption attempt
RuleID : 32152 - Revision : 4 - Type : FILE-OTHER
2014-11-16Microsoft System.Uri heap corruption attempt
RuleID : 32151 - Revision : 4 - Type : FILE-OTHER
2014-11-16Microsoft System.Uri heap corruption attempt
RuleID : 32150 - Revision : 4 - Type : FILE-OTHER
2014-11-16Microsoft System.Uri heap corruption attempt
RuleID : 32149 - Revision : 4 - Type : FILE-OTHER
2014-11-16Microsoft Internet Explorer DCOM sandbox escape attempt
RuleID : 32140 - Revision : 3 - Type : BROWSER-IE
2014-11-16Microsoft Internet Explorer DCOM sandbox escape attempt
RuleID : 32139 - Revision : 3 - Type : BROWSER-IE

Nessus® Vulnerability Scanner

DateDescription
2014-10-15Name : The version of the .NET Framework installed on the remote host is affected by...
File : smb_nt_ms14-057.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
9
10
11
DateInformations
2016-07-21 12:09:33
  • Multiple Updates
2016-04-27 04:53:09
  • Multiple Updates
2015-10-18 17:26:21
  • Multiple Updates
2015-10-06 21:22:55
  • Multiple Updates
2014-12-10 21:28:53
  • Multiple Updates
2014-12-10 21:16:42
  • Multiple Updates
2014-11-16 21:25:27
  • Multiple Updates
2014-10-16 17:26:11
  • Multiple Updates
2014-10-16 13:25:48
  • Multiple Updates
2014-10-15 17:26:02
  • Multiple Updates
2014-10-14 21:27:34
  • Multiple Updates
2014-10-14 21:16:28
  • First insertion