ID CVE-2014-0253Type cveReporter cve@mitre.orgModified 2018-10-12T22:05:00
Description
Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, and 4.5.1 does not properly determine TCP connection states, which allows remote attackers to cause a denial of service (ASP.NET daemon hang) via crafted HTTP requests that trigger persistent resource consumption for a (1) stale or (2) closed connection, as exploited in the wild in February 2014, aka "POST Request DoS Vulnerability."
{"id": "CVE-2014-0253", "bulletinFamily": "NVD", "title": "CVE-2014-0253", "description": "Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, and 4.5.1 does not properly determine TCP connection states, which allows remote attackers to cause a denial of service (ASP.NET daemon hang) via crafted HTTP requests that trigger persistent resource consumption for a (1) stale or (2) closed connection, as exploited in the wild in February 2014, aka \"POST Request DoS Vulnerability.\"", "published": "2014-02-12T04:50:00", "modified": "2018-10-12T22:05:00", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0253", "reporter": "cve@mitre.org", "references": ["http://www.securityfocus.com/bid/65415", "http://osvdb.org/103162", "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-009", "http://secunia.com/advisories/56793", "http://www.securitytracker.com/id/1029745"], "cvelist": ["CVE-2014-0253"], "type": "cve", "lastseen": "2021-02-02T06:14:24", "edition": 4, "viewCount": 2, "enchantments": {"dependencies": {"references": [{"type": "symantec", "idList": ["SMNTC-65415"]}, {"type": "seebug", "idList": ["SSV:61430"]}, {"type": "openvas", "idList": ["OPENVAS:903337", "OPENVAS:1361412562310903337"]}, {"type": "mskb", "idList": ["KB2916607"]}, {"type": "nessus", "idList": ["SMB_NT_MS14-009.NASL"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:13567"]}, {"type": "kaspersky", "idList": ["KLA10603"]}], "modified": "2021-02-02T06:14:24", "rev": 2}, "score": {"value": 6.1, "vector": "NONE", "modified": "2021-02-02T06:14:24", "rev": 2}, "vulnersScore": 6.1}, "cpe": ["cpe:/a:microsoft:.net_framework:4.0", "cpe:/a:microsoft:.net_framework:4.5.1", "cpe:/a:microsoft:.net_framework:3.5.1", "cpe:/a:microsoft:.net_framework:1.1", "cpe:/a:microsoft:.net_framework:4.5", "cpe:/a:microsoft:.net_framework:3.5", "cpe:/a:microsoft:.net_framework:2.0"], "affectedSoftware": [{"cpeName": "microsoft:.net_framework", "name": "microsoft .net framework", "operator": "eq", "version": "4.5.1"}, {"cpeName": "microsoft:.net_framework", "name": "microsoft .net framework", "operator": "eq", "version": "2.0"}, {"cpeName": "microsoft:.net_framework", "name": "microsoft .net framework", "operator": "eq", "version": "3.5"}, {"cpeName": "microsoft:.net_framework", "name": "microsoft .net framework", "operator": "eq", "version": "3.5.1"}, {"cpeName": "microsoft:.net_framework", "name": "microsoft .net framework", "operator": "eq", "version": "1.1"}, {"cpeName": "microsoft:.net_framework", "name": "microsoft .net framework", "operator": "eq", "version": "4.5"}, {"cpeName": "microsoft:.net_framework", "name": "microsoft .net framework", "operator": "eq", "version": "4.0"}], "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {}, "cpe23": ["cpe:2.3:a:microsoft:.net_framework:1.1:sp1:*:*:*:*:*:*", "cpe:2.3:a:microsoft:.net_framework:4.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:.net_framework:2.0:sp2:*:*:*:*:*:*", "cpe:2.3:a:microsoft:.net_framework:3.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:.net_framework:4.0:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:.net_framework:4.5:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*"], "cwe": ["CWE-20"], "scheme": null, "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:a:microsoft:.net_framework:4.5.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:microsoft:.net_framework:3.5.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:microsoft:.net_framework:4.0:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:microsoft:.net_framework:2.0:sp2:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:microsoft:.net_framework:4.5:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:microsoft:.net_framework:1.1:sp1:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}]}, "extraReferences": [{"name": "103162", "refsource": "OSVDB", "tags": [], "url": "http://osvdb.org/103162"}, {"name": "56793", "refsource": "SECUNIA", "tags": [], "url": "http://secunia.com/advisories/56793"}, {"name": "MS14-009", "refsource": "MS", "tags": [], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-009"}, {"name": "1029745", "refsource": "SECTRACK", "tags": [], "url": "http://www.securitytracker.com/id/1029745"}, {"name": "65415", "refsource": "BID", "tags": [], "url": "http://www.securityfocus.com/bid/65415"}], "immutableFields": []}
{"symantec": [{"lastseen": "2018-03-13T10:05:44", "bulletinFamily": "software", "cvelist": ["CVE-2014-0253"], "description": "### Description\n\nMicrosoft .NET Framework is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause an ASP.NET server to become unresponsive, denying service to legitimate users.\n\n### Technologies Affected\n\n * Avaya Aura Conferencing 6.0 SP1 Standard \n * Avaya Aura Conferencing 6.0 Standard \n * Avaya Aura Conferencing 6.0.0 Standard \n * Avaya Aura Conferencing 7.0 Standard \n * Avaya CallPilot 4.0 \n * Avaya CallPilot 4.0.1 \n * Avaya CallPilot 5.0 \n * Avaya CallPilot 5.0.1 \n * Avaya Communication Server 1000 Telephony Manager 3.0 \n * Avaya Communication Server 1000 Telephony Manager 3.0.1 \n * Avaya Communication Server 1000 Telephony Manager 4.0 \n * Avaya Communication Server 1000 Telephony Manager 4.0.1 \n * Avaya Meeting Exchange - Client Registration Server 5.0 \n * Avaya Meeting Exchange - Client Registration Server 5.0.1 \n * Avaya Meeting Exchange - Client Registration Server 5.2 \n * Avaya Meeting Exchange - Client Registration Server 5.2.1 \n * Avaya Meeting Exchange - Client Registration Server 6.0 \n * Avaya Meeting Exchange - Client Registration Server 6.2 \n * Avaya Meeting Exchange - Recording Server 5.0 \n * Avaya Meeting Exchange - Recording Server 5.0.1 \n * Avaya Meeting Exchange - Recording Server 5.2 \n * Avaya Meeting Exchange - Recording Server 5.2.1 \n * Avaya Meeting Exchange - Recording Server 6.0 \n * Avaya Meeting Exchange - Recording Server 6.2 \n * Avaya Meeting Exchange - Streaming Server 5.0 \n * Avaya Meeting Exchange - Streaming Server 5.0.1 \n * Avaya Meeting Exchange - Streaming Server 5.2 \n * Avaya Meeting Exchange - Streaming Server 5.2.1 \n * Avaya Meeting Exchange - Streaming Server 6.0 \n * Avaya Meeting Exchange - Streaming Server 6.2 \n * Avaya Meeting Exchange - Web Conferencing Server 5.0 \n * Avaya Meeting Exchange - Web Conferencing Server 5.0.1 \n * Avaya Meeting Exchange - Web Conferencing Server 5.2 \n * Avaya Meeting Exchange - Web Conferencing Server 5.2.1 \n * Avaya Meeting Exchange - Web Conferencing Server 6.0 \n * Avaya Meeting Exchange - Web Conferencing Server 6.2 \n * Avaya Meeting Exchange - Webportal 5.0 \n * Avaya Meeting Exchange - Webportal 5.0.1 \n * Avaya Meeting Exchange - Webportal 5.2 \n * Avaya Meeting Exchange - Webportal 5.2.1 \n * Avaya Meeting Exchange - Webportal 6.0 \n * Avaya Meeting Exchange - Webportal 6.2 \n * Avaya Messaging Application Server 4 \n * Avaya Messaging Application Server 5 \n * Avaya Messaging Application Server 5.0 \n * Avaya Messaging Application Server 5.0.1 \n * Avaya Messaging Application Server 5.2 \n * Avaya Messaging Application Server 5.2.1 \n * Avaya Messaging Application Server MM 1.1 \n * Avaya Messaging Application Server MM 2.0 \n * Avaya Messaging Application Server MM 3.0 \n * Avaya Messaging Application Server MM 3.1 \n * Microsoft .NET Framework 1.1 SP1 \n * Microsoft .NET Framework 2.0 SP2 \n * Microsoft .NET Framework 3.5 \n * Microsoft .NET Framework 3.5.1 \n * Microsoft .NET Framework 4.0 \n * Microsoft .NET Framework 4.5 \n * Microsoft .NET Framework 4.5.1 \n\n### Recommendations\n\n**Block external access at the network boundary, unless external parties require service.** \nIf global access isn't needed, filter access to the affected computer at the network boundary. Restricting access to only trusted computers and networks might greatly reduce the likelihood of successful exploits.\n\n**Deploy network intrusion detection systems to monitor network traffic for malicious activity.** \nDeploy NIDS to monitor network traffic for signs of anomalous or suspicious activity. This may indicate exploit attempts or activity that results from successful exploits.\n\nUpdates are available. Please see the references or vendor advisory for more information.\n", "modified": "2014-02-11T00:00:00", "published": "2014-02-11T00:00:00", "id": "SMNTC-65415", "href": "https://www.symantec.com/content/symantec/english/en/security-center/vulnerabilities/writeup.html/65415", "type": "symantec", "title": "Microsoft .NET Framework CVE-2014-0253 Remote Denial of Service Vulnerability", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "seebug": [{"lastseen": "2017-11-19T17:36:07", "description": "BUGTRAQ ID: 65415\r\nCVE(CAN) ID: CVE-2014-0253\r\n\r\n.NET\u5c31\u662f\u5fae\u8f6f\u7684\u7528\u6765\u5b9e\u73b0XML\uff0cWeb Services\uff0cSOA\uff08\u9762\u5411\u670d\u52a1\u7684\u4f53\u7cfb\u7ed3\u6784service-oriented architecture\uff09\u548c\u654f\u6377\u6027\u7684\u6280\u672f\u3002.NET Framework\u662f\u5fae\u8f6f\u5f00\u53d1\u7684\u8f6f\u4ef6\u6846\u67b6\uff0c\u4e3b\u8981\u8fd0\u884c\u5728Microsoft Windows\u4e0a\u3002\r\n\r\nMicrosoft ASP.NET\u4e2d\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff0c\u53ef\u4f7f\u653b\u51fb\u8005\u9020\u6210ASP.NET\u670d\u52a1\u5668\u4e0d\u54cd\u5e94\u3002\r\n0\r\nMicrosoft .NET Framework 4.x\r\nMicrosoft .NET Framework 3.x\r\nMicrosoft .NET Framework 2.x\r\nMicrosoft .NET Framework 1.x\r\n\u4e34\u65f6\u89e3\u51b3\u65b9\u6cd5\uff1a\r\n\r\n* \u914d\u7f6e<serverRuntime>, <requestLimits>, <httpRuntime>\u5143\u7d20\uff0c\u4ee5\u4fbf\u62d2\u7edd\u5229\u7528\u8be5\r\n \u6f0f\u6d1e\u7684\u8bf7\u6c42\u3002\r\n\r\n\u5382\u5546\u8865\u4e01\uff1a\r\n\r\nMicrosoft\r\n---------\r\nMicrosoft\u5df2\u7ecf\u4e3a\u6b64\u53d1\u5e03\u4e86\u4e00\u4e2a\u5b89\u5168\u516c\u544a\uff08MS14-009\uff09\u4ee5\u53ca\u76f8\u5e94\u8865\u4e01:\r\nMS14-009\uff1aVulnerabilities in .NET Framework Could Allow Elevation of Privilege (2916607)\r\n\u94fe\u63a5\uff1ahttp://technet.microsoft.com/security/bulletin/MS14-009", "published": "2014-02-12T00:00:00", "type": "seebug", "title": "Microsoft .NET Framework \u8fdc\u7a0b\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e(CVE-2014-0253)(MS14-009)", "bulletinFamily": "exploit", "cvelist": ["CVE-2014-0253"], "modified": "2014-02-12T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-61430", "id": "SSV:61430", "sourceData": "", "sourceHref": "", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "openvas": [{"lastseen": "2020-06-10T19:52:33", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-0257", "CVE-2014-0253", "CVE-2014-0295"], "description": "This host is missing an important security update according to\n Microsoft Bulletin MS14-009.", "modified": "2020-06-09T00:00:00", "published": "2014-02-12T00:00:00", "id": "OPENVAS:1361412562310903337", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310903337", "type": "openvas", "title": "Microsoft .NET Framework Multiple Vulnerabilities (2916607)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Microsoft .NET Framework Multiple Vulnerabilities (2916607)\n#\n# Authors:\n# Thanga Prakash S <tprakash@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2014 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.903337\");\n script_version(\"2020-06-09T08:59:39+0000\");\n script_cve_id(\"CVE-2014-0253\", \"CVE-2014-0257\", \"CVE-2014-0295\");\n script_bugtraq_id(65415, 65417, 65418);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-06-09 08:59:39 +0000 (Tue, 09 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2014-02-12 10:37:08 +0530 (Wed, 12 Feb 2014)\");\n script_name(\"Microsoft .NET Framework Multiple Vulnerabilities (2916607)\");\n\n script_tag(name:\"summary\", value:\"This host is missing an important security update according to\n Microsoft Bulletin MS14-009.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws due to,\n\n - ASP.NET does not properly identify stale HTTP connections.\n\n - An error within the .NET framework when handling certain COM objects.\n\n - Additionally, some unspecified weakness exists.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation could allow an attacker to bypass certain security\n mechanism and cause denial of service.\");\n\n script_tag(name:\"affected\", value:\"Microsoft .NET Framework 1.0, 1.1, 2.0, 3.0, 3.5, 3.5.1, 4.0, 4.5 and 4.5.1.\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see the references for more information.\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://support.microsoft.com/kb/2916607\");\n script_xref(name:\"URL\", value:\"https://technet.microsoft.com/en-us/security/bulletin/ms14-009\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 SecPod\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"smb_reg_service_pack.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"SMB/WindowsVersion\");\n\n exit(0);\n}\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(hotfix_check_sp(xp:4, xpx64:3, win2003:3, win2003x64:3, winVista:3, win7:2,\n win7x64:2, win2008:3, win2008r2:2, win8:1, win8x64:1, win8_1:1, win8_1x64:1, win2012:1) <= 0){\n exit(0);\n}\n\nkey = \"SOFTWARE\\Microsoft\\ASP.NET\\\";\nif(!registry_key_exists(key:key)){\n exit(0);\n}\n\nforeach item (registry_enum_keys(key:key))\n{\n path = registry_get_sz(key:key + item, item:\"Path\");\n if(path && \"\\Microsoft.NET\\Framework\" >< path)\n {\n dllVer = fetch_file_version(sysPath:path, file_name:\"mscorlib.dll\");\n if(dllVer)\n {\n ## .NET Framework 1.1 Service Pack 1 for Windows Server 2003 Service Pack 2\n if((hotfix_check_sp(win2003:3, win2003x64:3) > 0) &&\n (version_in_range(version:dllVer, test_version:\"1.1.4322.2000\", test_version2:\"1.1.4322.2503\")))\n {\n VULN1 = TRUE;\n Vulnerable_range = \"1.1.4322.2000 - 1.1.4322.2503\";\n }\n\n ## .NET Framework 2.0 Service Pack 2 for Windows XP Service Pack 3 and Windows Server 2003 Service Pack 2\n if(hotfix_check_sp(xp:4, xpx64:3, win2003:3, win2003x64:3) > 0)\n {\n if(version_in_range(version:dllVer, test_version:\"2.0.50727.3000\", test_version2:\"2.0.50727.3654\"))\n {\n VULN1 = TRUE;\n Vulnerable_range = \"2.0.50727.3000 - 2.0.50727.3654\";\n }\n\n else if(version_in_range(version:dllVer, test_version:\"2.0.50727.7000\", test_version2:\"2.0.50727.7040\"))\n {\n VULN1 = TRUE;\n Vulnerable_range = \"2.0.50727.7000 - 2.0.50727.7040\";\n }\n }\n\n ## .NET Framework 2.0 Service Pack 2 for Windows Vista Service Pack 2 and Windows Server 2008 Service Pack 2\n if(hotfix_check_sp(winVista:3, win2008:3) > 0)\n {\n if(version_in_range(version:dllVer, test_version:\"2.0.50727.4000\", test_version2:\"2.0.50727.4246\"))\n {\n VULN1 = TRUE;\n Vulnerable_range = \"2.0.50727.4000 - 2.0.50727.4246\";\n }\n\n else if(version_in_range(version:dllVer, test_version:\"2.0.50727.7000\", test_version2:\"2.0.50727.7040\"))\n {\n VULN1 = TRUE;\n Vulnerable_range = \"2.0.50727.7000 - 2.0.50727.7040\";\n }\n }\n\n ## .NET Framework 3.5 for Windows 8 and Windows Server 2012\n if(hotfix_check_sp(win8:1, win8x64:1, win2012:1) > 0)\n {\n if(version_in_range(version:dllVer, test_version:\"2.0.50727.6000\", test_version2:\"2.0.50727.6412\"))\n {\n VULN1 = TRUE;\n Vulnerable_range = \"2.0.50727.6000 - 2.0.50727.6412\";\n }\n else if(version_in_range(version:dllVer, test_version:\"2.0.50727.7000\", test_version2:\"2.0.50727.7040\"))\n {\n VULN1 = TRUE;\n Vulnerable_range = \"2.0.50727.7000 - 2.0.50727.7040\";\n }\n }\n\n ## .NET Framework 3.5 for Windows 8.1\n if((hotfix_check_sp(win8_1:1, win8_1x64:1) > 0) &&\n (version_is_less(version:dllVer, test_version:\"2.0.50727.8000\")))\n {\n VULN1 = TRUE;\n Vulnerable_range = \"Less than 2.0.50727.8000\";\n }\n\n ## .NET Framework 3.5.1 for Windows 7 Service Pack 1 and Windows Server 2008 R2 Service Pack 1\n if(hotfix_check_sp(win7:2, win7x64:2, win2008r2:2) > 0)\n {\n if(version_in_range(version:dllVer, test_version:\"2.0.50727.5400\", test_version2:\"2.0.50727.5476\"))\n {\n VULN1 = TRUE;\n Vulnerable_range = \"2.0.50727.5400 - 2.0.50727.5476\";\n }\n else if(version_in_range(version:dllVer, test_version:\"2.0.50727.7000\", test_version2:\"2.0.50727.7040\"))\n {\n VULN1 = TRUE;\n Vulnerable_range = \"2.0.50727.7000 - 2.0.50727.7040\";\n }\n }\n\n ## .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista,\n if(hotfix_check_sp(xp:4, xpx64:3, win2003:3, winVista:3, win2008:3, win7:2, win7x64:2, win2008r2:2) > 0)\n {\n if(version_in_range(version:dllVer, test_version:\"4.0.30319.1000\", test_version2:\"4.0.30319.1021\"))\n {\n VULN1 = TRUE;\n Vulnerable_range = \"4.0.30319.1000 - 4.0.30319.1021\";\n }\n else if(version_in_range(version:dllVer, test_version:\"4.0.30319.2000\", test_version2:\"4.0.30319.2033\"))\n {\n VULN1 = TRUE;\n Vulnerable_range = \"4.0.30319.2000 - 4.0.30319.2033\";\n }\n }\n ## .NET Framework 4.5 for Windows Vista Service Pack 2, Windows Server 2008 Service Pack 2\n if(hotfix_check_sp(win7:2, win7x64:2, win2008r2:2, winVista:3, win2008:3) > 0)\n {\n if(version_in_range(version:dllVer, test_version:\"4.0.30319.18000\", test_version2:\"4.0.30319.18062\"))\n {\n VULN1 = TRUE;\n Vulnerable_range = \"4.0.30319.18000 - 4.0.30319.18062\";\n }\n if(version_in_range(version:dllVer, test_version:\"4.0.30319.19000\", test_version2:\"4.0.30319.19131\"))\n {\n VULN1 = TRUE;\n Vulnerable_range = \"4.0.30319.19000 - 4.0.30319.19131\";\n }\n }\n\n ## .NET Framework 4.5 for Windows 8 and Windows Server 2012\n if(hotfix_check_sp(win8:1, win8x64:1, win2012:1) > 0)\n {\n if(version_in_range(version:dllVer, test_version:\"4.0.30319.18000\", test_version2:\"4.0.30319.18448\"))\n {\n VULN1 = TRUE;\n Vulnerable_range = \"4.0.30319.18000 - 4.0.30319.18448\";\n }\n if(version_in_range(version:dllVer, test_version:\"4.0.30319.19000\", test_version2:\"4.0.30319.19454\"))\n {\n VULN1 = TRUE;\n Vulnerable_range = \"4.0.30319.19000 - 4.0.30319.19454\";\n }\n }\n\n ## .NET Framework 4.5.1 for Windows Vista Service Pack 2, Windows Server 2008 Service Pack 2\n if((hotfix_check_sp(win7:2, win7x64:2, win2008r2:2, winVista:3, win2008:3) > 0) &&\n (version_in_range(version:dllVer, test_version:\"4.0.30319.18000\", test_version2:\"4.0.30319.18443\")))\n {\n VULN1 = TRUE;\n Vulnerable_range = \"4.0.30319.18000 - 4.0.30319.18443\";\n }\n\n ## .NET Framework 4.5.1 for Windows 8 and Windows Server 2012\n if((hotfix_check_sp(win8:1, win8x64:1, win2012:1) > 0) &&\n (version_in_range(version:dllVer, test_version:\"4.0.30319.18000\", test_version2:\"4.0.30319.18448\")))\n {\n VULN1 = TRUE;\n Vulnerable_range = \"4.0.30319.18000 - 4.0.30319.18448\";\n }\n\n ## .NET Framework 4.5.1 for Windows 8.1\n if(hotfix_check_sp(win8_1:1, win8_1x64:1) > 0)\n {\n if(version_in_range(version:dllVer, test_version:\"4.0.30319.34000\", test_version2:\"4.0.30319.34010\"))\n {\n VULN1 = TRUE;\n Vulnerable_range = \"4.0.30319.34000 - 4.0.30319.34010\";\n }\n else if(version_in_range(version:dllVer, test_version:\"4.0.30319.36000\", test_version2:\"4.0.30319.36012\"))\n {\n VULN1 = TRUE;\n Vulnerable_range = \"4.0.30319.36000 - 4.0.30319.36012\";\n }\n }\n } ## mscorlib.dll - END\n\n\n\n dllVer = fetch_file_version(sysPath:path, file_name:\"System.Web.dll\");\n if(dllVer)\n {\n ## .NET Framework 1.1 Service Pack 1 for Windows Server 2003 Service Pack 2\n if((hotfix_check_sp(win2003:3, win2003x64:3) > 0) &&\n (version_in_range(version:dllVer, test_version:\"1.1.4322.2000\", test_version2:\"1.1.4322.2504\")))\n {\n VULN2 = TRUE;\n Vulnerable_range = \"1.1.4322.2000 - 1.1.4322.2504\";\n }\n\n ## .NET Framework 2.0 Service Pack 2 for Windows XP Service Pack 3 and Windows Server 2003 Service Pack 2\n if(hotfix_check_sp(xp:4, xpx64:3, win2003:3, win2003x64:3) > 0)\n {\n if(version_in_range(version:dllVer, test_version:\"2.0.50727.3000\", test_version2:\"2.0.50727.3657\"))\n {\n VULN2 = TRUE;\n Vulnerable_range = \"2.0.50727.3000 - 2.0.50727.3657\";\n }\n\n else if(version_in_range(version:dllVer, test_version:\"2.0.50727.7000\", test_version2:\"2.0.50727.7045\"))\n {\n VULN2 = TRUE;\n Vulnerable_range = \"2.0.50727.7000 - 2.0.50727.7045\";\n }\n }\n ## .NET Framework 2.0 Service Pack 2 for Windows Vista Service Pack 2 and Windows Server 2008 Service Pack 2\n if(hotfix_check_sp(winVista:3, win2008:3) > 0)\n {\n if(version_in_range(version:dllVer, test_version:\"2.0.50727.4000\", test_version2:\"2.0.50727.4247\"))\n {\n VULN2 = TRUE;\n Vulnerable_range = \"2.0.50727.4000 - 2.0.50727.4247\";\n }\n else if(version_in_range(version:dllVer, test_version:\"2.0.50727.7000\", test_version2:\"2.0.50727.7044\"))\n {\n VULN2 = TRUE;\n Vulnerable_range = \"2.0.50727.7000 - 2.0.50727.7044\";\n }\n }\n\n ## .NET Framework 3.5 for Windows 8 and Windows Server 2012\n if(hotfix_check_sp(win8:1, win2012:1) > 0)\n {\n if(version_in_range(version:dllVer, test_version:\"2.0.50727.6000\", test_version2:\"2.0.50727.6413\"))\n {\n VULN2 = TRUE;\n Vulnerable_range = \"2.0.50727.6000 - 2.0.50727.6413\";\n }\n else if(version_in_range(version:dllVer, test_version:\"2.0.50727.7000\", test_version2:\"2.0.50727.7044\"))\n {\n VULN2 = TRUE;\n Vulnerable_range = \"2.0.50727.7000 - 2.0.50727.7044\";\n }\n }\n\n ## .NET Framework 3.5 for Windows 8.1\n if((hotfix_check_sp(win8_1:1, win8_1x64:1) > 0) &&\n (version_is_less(version:dllVer, test_version:\"2.0.50727.8001\")))\n {\n VULN2 = TRUE;\n Vulnerable_range = \"Less than 2.0.50727.8001\";\n }\n\n ## .NET Framework 3.5.1 for Windows 7 Service Pack 1 and Windows Server 2008 R2 Service Pack 1\n if(hotfix_check_sp(win7:2, win7x64:2, win2008r2:2) > 0)\n {\n if(version_in_range(version:dllVer, test_version:\"2.0.50727.5400\", test_version2:\"2.0.50727.5478\"))\n {\n VULN2 = TRUE;\n Vulnerable_range = \"2.0.50727.5400 - 2.0.50727.5478\";\n }\n else if(version_in_range(version:dllVer, test_version:\"2.0.50727.7000\", test_version2:\"2.0.50727.7044\"))\n {\n VULN2 = TRUE;\n Vulnerable_range = \"2.0.50727.7000 - 2.0.50727.7044\";\n }\n }\n\n ## .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista,\n if(hotfix_check_sp(xp:4, xpx64:3, win2003:3, winVista:3, win2008:3, win7:2, win7x64:2, win2008r2:2) > 0)\n {\n if(version_in_range(version:dllVer, test_version:\"4.0.30319.1000\", test_version2:\"4.0.30319.1021\"))\n {\n VULN2 = TRUE;\n Vulnerable_range = \"4.0.30319.1000 - 4.0.30319.1021\";\n }\n if(version_in_range(version:dllVer, test_version:\"4.0.30319.2000\", test_version2:\"4.0.30319.2033\"))\n {\n VULN2 = TRUE;\n Vulnerable_range = \"4.0.30319.2000 - 4.0.30319.2033\";\n }\n }\n ## .NET Framework 4.5 for Windows Vista Service Pack 2, Windows Server 2008 Service Pack 2\n if(hotfix_check_sp(win7:2, win7x64:2, win2008r2:2, winVista:3, win2008:3) > 0)\n {\n if(version_in_range(version:dllVer, test_version:\"4.0.30319.18000\", test_version2:\"4.0.30319.18066\"))\n {\n VULN2 = TRUE;\n Vulnerable_range = \"4.0.30319.18000 - 4.0.30319.18066\";\n }\n if(version_in_range(version:dllVer, test_version:\"4.0.30319.19000\", test_version2:\"4.0.30319.19135\"))\n {\n VULN2 = TRUE;\n Vulnerable_range = \"4.0.30319.19000 - 4.0.30319.19135\";\n }\n }\n ## .NET Framework 4.5 for Windows 8 and Windows Server 2012\n if(hotfix_check_sp(win8:1, win8x64:1, win2012:1) > 0)\n {\n if(version_in_range(version:dllVer, test_version:\"4.0.30319.18000\", test_version2:\"4.0.30319.18448\"))\n {\n VULN2 = TRUE;\n Vulnerable_range = \"4.0.30319.18000 - 4.0.30319.18448\";\n }\n if(version_in_range(version:dllVer, test_version:\"4.0.30319.19000\", test_version2:\"4.0.30319.19454\"))\n {\n VULN2 = TRUE;\n Vulnerable_range = \"4.0.30319.19000 - 4.0.30319.19454\";\n }\n }\n\n ## .NET Framework 4.5.1 for Windows Vista Service Pack 2, Windows Server 2008 Service Pack 2\n if((hotfix_check_sp(win7:2, win7x64:2, win2008r2:2, winVista:3, win2008:3) > 0) &&\n (version_in_range(version:dllVer, test_version:\"4.0.30319.18000\", test_version2:\"4.0.30319.18445\")))\n {\n VULN2 = TRUE;\n Vulnerable_range = \"4.0.30319.18000 - 4.0.30319.18445\";\n }\n\n ## .NET Framework 4.5.1 for Windows 8 and Windows Server 2012\n if((hotfix_check_sp(win8:1, win8x64:1, win2012:1) > 0) &&\n (version_in_range(version:dllVer, test_version:\"4.0.30319.18000\", test_version2:\"4.0.30319.18446\")))\n {\n VULN2 = TRUE;\n Vulnerable_range = \"4.0.30319.18000 - 4.0.30319.18446\";\n }\n\n ## .NET Framework 4.5.1 for Windows 8.1\n if((hotfix_check_sp(win8_1:1, win8_1x64:1) > 0) &&\n (version_in_range(version:dllVer, test_version:\"4.0.30319.34000\", test_version2:\"4.0.30319.34008\")))\n {\n VULN2 = TRUE;\n Vulnerable_range = \"4.0.30319.34000 - 4.0.30319.34008\";\n }\n\n } ## System.Web.dll - END\n\n\n\n dllVer = fetch_file_version(sysPath:path, file_name:\"vsavb7rt.dll\");\n if(dllVer)\n {\n ## .NET Framework 2.0 Service Pack 2 for Windows Vista Service Pack 2 and Windows Server 2008 Service Pack 2\n if(hotfix_check_sp(winVista:3, win2008:3) > 0)\n {\n if(version_in_range(version:dllVer, test_version:\"8.0.50727.4000\", test_version2:\"8.0.50727.4249\"))\n {\n VULN3 = TRUE;\n Vulnerable_range = \"8.0.50727.4000 - 8.0.50727.4249\";\n }\n else if(version_in_range(version:dllVer, test_version:\"8.0.50727.7000\", test_version2:\"8.0.50727.7050\"))\n {\n VULN3 = TRUE;\n Vulnerable_range = \"8.0.50727.7000 - 8.0.50727.7050\";\n }\n }\n ## .NET Framework 3.5.1 for Windows 7 Service Pack 1 and Windows Server 2008 R2 Service Pack 1\n if(hotfix_check_sp(win7:2, win7x64:2, win2008r2:2) > 0)\n {\n if(version_in_range(version:dllVer, test_version:\"8.0.50727.5400\", test_version2:\"8.0.50727.5480\"))\n {\n VULN3 = TRUE;\n Vulnerable_range = \"8.0.50727.5400 - 8.0.50727.5480\";\n }\n if(version_in_range(version:dllVer, test_version:\"8.0.50727.7000\", test_version2:\"8.0.50727.7050\"))\n {\n VULN3 = TRUE;\n Vulnerable_range = \"8.0.50727.7000 - 8.0.50727.7050\";\n }\n }\n\n } ## vsavb7rt.dll - END\n\n }\n}\n\nif(VULN1)\n{\n report = 'File checked: ' + path + \"\\mscorlib.dll\" + '\\n' +\n 'File version: ' + dllVer + '\\n' +\n 'Vulnerable range: ' + Vulnerable_range+ '\\n' ;\n security_message(data:report);\n}\n\nif(VULN2)\n{\n report = 'File checked: ' + path + \"\\System.Web.dll\" + '\\n' +\n 'File version: ' + dllVer + '\\n' +\n 'Vulnerable range: ' + Vulnerable_range+ '\\n' ;\n security_message(data:report);\n}\n\nif(VULN3)\n{\n report = 'File checked: ' + path + \"\\vsavb7rt.dll\" + '\\n' +\n 'File version: ' + dllVer + '\\n' +\n 'Vulnerable range: ' + Vulnerable_range+ '\\n' ;\n security_message(data:report);\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-10-30T10:44:45", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-0257", "CVE-2014-0253", "CVE-2014-0295"], "description": "This host is missing an important security update according to\nMicrosoft Bulletin MS14-009.", "modified": "2017-10-26T00:00:00", "published": "2014-02-12T00:00:00", "id": "OPENVAS:903337", "href": "http://plugins.openvas.org/nasl.php?oid=903337", "type": "openvas", "title": "Microsoft .NET Framework Multiple Vulnerabilities (2916607)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: secpod_ms14-009.nasl 7582 2017-10-26 11:56:51Z cfischer $\n#\n# Microsoft .NET Framework Multiple Vulnerabilities (2916607)\n#\n# Authors:\n# Thanga Prakash S <tprakash@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2014 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_id(903337);\n script_version(\"$Revision: 7582 $\");\n script_cve_id(\"CVE-2014-0253\", \"CVE-2014-0257\", \"CVE-2014-0295\");\n script_bugtraq_id(65415, 65417, 65418);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-10-26 13:56:51 +0200 (Thu, 26 Oct 2017) $\");\n script_tag(name:\"creation_date\", value:\"2014-02-12 10:37:08 +0530 (Wed, 12 Feb 2014)\");\n script_name(\"Microsoft .NET Framework Multiple Vulnerabilities (2916607)\");\n\n tag_summary =\n\"This host is missing an important security update according to\nMicrosoft Bulletin MS14-009.\";\n\n tag_vuldetect =\n\"Get the vulnerable file version and check appropriate patch is applied\nor not.\";\n\n tag_insight =\n\"Multiple flaws due to,\n- ASP.NET does not properly identify stale HTTP connections.\n- An error within the .NET framework when handling certain COM objects.\n- Additionally, some unspecified weakness exists.\";\n\n tag_impact =\n\"Successful exploitation could allow an attacker to bypass certain security\nmechanism and cause denial of service.\";\n\n tag_affected =\n\"Microsoft .NET Framework 1.0, 1.1, 2.0, 3.0, 3.5, 3.5.1, 4.0, 4.5 and 4.5.1\";\n\n tag_solution =\n\"Run Windows Update and update the listed hotfixes or download and\nupdate mentioned hotfixes in the advisory from the below link,\nhttps://technet.microsoft.com/en-us/security/bulletin/ms14-009\";\n\n\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"vuldetect\" , value : tag_vuldetect);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/56793\");\n script_xref(name : \"URL\" , value : \"http://support.microsoft.com/kb/2916607\");\n script_xref(name : \"URL\" , value : \"https://technet.microsoft.com/en-us/security/bulletin/ms14-009\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 SecPod\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"secpod_reg_enum.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"SMB/WindowsVersion\");\n\n exit(0);\n}\n\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\n## Variables Initialization\nkey = \"\";\nitem = \"\";\npath = \"\";\ndllVer = \"\";\ndllv4 = \"\";\nsysVer = \"\";\n\n## Check for OS and Service Pack\nif(hotfix_check_sp(xp:4, xpx64:3, win2003:3, win2003x64:3, winVista:3, win7:2,\n win7x64:2, win2008:3, win2008r2:2, win8:1, win8x64:1, win8_1:1, win8_1x64:1, win2012:1) <= 0){\n exit(0);\n}\n\n## Confirm .NET\nkey = \"SOFTWARE\\Microsoft\\ASP.NET\\\";\nif(!registry_key_exists(key:key)){\n exit(0);\n}\n\n## Try to Get Version\nforeach item (registry_enum_keys(key:key))\n{\n path = registry_get_sz(key:key + item, item:\"Path\");\n if(path && \"\\Microsoft.NET\\Framework\" >< path)\n {\n ## Get version from mscorlib.dll file\n dllVer = fetch_file_version(sysPath:path, file_name:\"mscorlib.dll\");\n if(dllVer)\n {\n ## .NET Framework 1.1 Service Pack 1 for Windows Server 2003 Service Pack 2\n if((hotfix_check_sp(win2003:3, win2003x64:3) > 0) &&\n (version_in_range(version:dllVer, test_version:\"1.1.4322.2000\", test_version2:\"1.1.4322.2503\")))\n {\n VULN1 = TRUE;\n Vulnerable_range = \"1.1.4322.2000 - 1.1.4322.2503\";\n }\n\n ## .NET Framework 2.0 Service Pack 2 for Windows XP Service Pack 3 and Windows Server 2003 Service Pack 2\n if(hotfix_check_sp(xp:4, xpx64:3, win2003:3, win2003x64:3) > 0)\n {\n if(version_in_range(version:dllVer, test_version:\"2.0.50727.3000\", test_version2:\"2.0.50727.3654\"))\n {\n VULN1 = TRUE;\n Vulnerable_range = \"2.0.50727.3000 - 2.0.50727.3654\";\n }\n\n else if(version_in_range(version:dllVer, test_version:\"2.0.50727.7000\", test_version2:\"2.0.50727.7040\"))\n {\n VULN1 = TRUE;\n Vulnerable_range = \"2.0.50727.7000 - 2.0.50727.7040\";\n }\n }\n\n ## .NET Framework 2.0 Service Pack 2 for Windows Vista Service Pack 2 and Windows Server 2008 Service Pack 2\n if(hotfix_check_sp(winVista:3, win2008:3) > 0)\n {\n if(version_in_range(version:dllVer, test_version:\"2.0.50727.4000\", test_version2:\"2.0.50727.4246\"))\n {\n VULN1 = TRUE;\n Vulnerable_range = \"2.0.50727.4000 - 2.0.50727.4246\";\n }\n\n else if(version_in_range(version:dllVer, test_version:\"2.0.50727.7000\", test_version2:\"2.0.50727.7040\"))\n {\n VULN1 = TRUE;\n Vulnerable_range = \"2.0.50727.7000 - 2.0.50727.7040\";\n }\n }\n\n ## .NET Framework 3.5 for Windows 8 and Windows Server 2012\n if(hotfix_check_sp(win8:1, win8x64:1, win2012:1) > 0)\n {\n if(version_in_range(version:dllVer, test_version:\"2.0.50727.6000\", test_version2:\"2.0.50727.6412\"))\n {\n VULN1 = TRUE;\n Vulnerable_range = \"2.0.50727.6000 - 2.0.50727.6412\";\n }\n else if(version_in_range(version:dllVer, test_version:\"2.0.50727.7000\", test_version2:\"2.0.50727.7040\"))\n {\n VULN1 = TRUE;\n Vulnerable_range = \"2.0.50727.7000 - 2.0.50727.7040\";\n }\n }\n\n ## .NET Framework 3.5 for Windows 8.1\n if((hotfix_check_sp(win8_1:1, win8_1x64:1) > 0) &&\n (version_is_less(version:dllVer, test_version:\"2.0.50727.8000\")))\n {\n VULN1 = TRUE;\n Vulnerable_range = \"Less than 2.0.50727.8000\";\n }\n\n ## .NET Framework 3.5.1 for Windows 7 Service Pack 1 and Windows Server 2008 R2 Service Pack 1\n if(hotfix_check_sp(win7:2, win7x64:2, win2008r2:2) > 0)\n {\n if(version_in_range(version:dllVer, test_version:\"2.0.50727.5400\", test_version2:\"2.0.50727.5476\"))\n {\n VULN1 = TRUE;\n Vulnerable_range = \"2.0.50727.5400 - 2.0.50727.5476\";\n }\n else if(version_in_range(version:dllVer, test_version:\"2.0.50727.7000\", test_version2:\"2.0.50727.7040\"))\n {\n VULN1 = TRUE;\n Vulnerable_range = \"2.0.50727.7000 - 2.0.50727.7040\";\n }\n }\n\n ## .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista,\n ## Windows Server 2008, Windows 7, and Windows Server 2008 R2\n if(hotfix_check_sp(xp:4, xpx64:3, win2003:3, winVista:3, win2008:3, win7:2, win7x64:2, win2008r2:2) > 0)\n {\n if(version_in_range(version:dllVer, test_version:\"4.0.30319.1000\", test_version2:\"4.0.30319.1021\"))\n {\n VULN1 = TRUE;\n Vulnerable_range = \"4.0.30319.1000 - 4.0.30319.1021\";\n }\n else if(version_in_range(version:dllVer, test_version:\"4.0.30319.2000\", test_version2:\"4.0.30319.2033\"))\n {\n VULN1 = TRUE;\n Vulnerable_range = \"4.0.30319.2000 - 4.0.30319.2033\";\n }\n }\n ## .NET Framework 4.5 for Windows Vista Service Pack 2, Windows Server 2008 Service Pack 2\n ## Windows 7 Service Pack 1, and Windows Server 2008 R2 Service Pack 1\n if(hotfix_check_sp(win7:2, win7x64:2, win2008r2:2, winVista:3, win2008:3) > 0)\n {\n if(version_in_range(version:dllVer, test_version:\"4.0.30319.18000\", test_version2:\"4.0.30319.18062\"))\n {\n VULN1 = TRUE;\n Vulnerable_range = \"4.0.30319.18000 - 4.0.30319.18062\";\n }\n if(version_in_range(version:dllVer, test_version:\"4.0.30319.19000\", test_version2:\"4.0.30319.19131\"))\n {\n VULN1 = TRUE;\n Vulnerable_range = \"4.0.30319.19000 - 4.0.30319.19131\";\n }\n }\n\n ## .NET Framework 4.5 for Windows 8 and Windows Server 2012\n if(hotfix_check_sp(win8:1, win8x64:1, win2012:1) > 0)\n {\n if(version_in_range(version:dllVer, test_version:\"4.0.30319.18000\", test_version2:\"4.0.30319.18448\"))\n {\n VULN1 = TRUE;\n Vulnerable_range = \"4.0.30319.18000 - 4.0.30319.18448\";\n }\n if(version_in_range(version:dllVer, test_version:\"4.0.30319.19000\", test_version2:\"4.0.30319.19454\"))\n {\n VULN1 = TRUE;\n Vulnerable_range = \"4.0.30319.19000 - 4.0.30319.19454\";\n }\n }\n\n ## .NET Framework 4.5.1 for Windows Vista Service Pack 2, Windows Server 2008 Service Pack 2\n ## Windows 7 Service Pack 1, and Windows Server 2008 R2 Service Pack 1\n if((hotfix_check_sp(win7:2, win7x64:2, win2008r2:2, winVista:3, win2008:3) > 0) &&\n (version_in_range(version:dllVer, test_version:\"4.0.30319.18000\", test_version2:\"4.0.30319.18443\")))\n {\n VULN1 = TRUE;\n Vulnerable_range = \"4.0.30319.18000 - 4.0.30319.18443\";\n }\n\n ## .NET Framework 4.5.1 for Windows 8 and Windows Server 2012\n if((hotfix_check_sp(win8:1, win8x64:1, win2012:1) > 0) &&\n (version_in_range(version:dllVer, test_version:\"4.0.30319.18000\", test_version2:\"4.0.30319.18448\")))\n {\n VULN1 = TRUE;\n Vulnerable_range = \"4.0.30319.18000 - 4.0.30319.18448\";\n }\n\n ## .NET Framework 4.5.1 for Windows 8.1\n if(hotfix_check_sp(win8_1:1, win8_1x64:1) > 0)\n {\n if(version_in_range(version:dllVer, test_version:\"4.0.30319.34000\", test_version2:\"4.0.30319.34010\"))\n {\n VULN1 = TRUE;\n Vulnerable_range = \"4.0.30319.34000 - 4.0.30319.34010\";\n }\n else if(version_in_range(version:dllVer, test_version:\"4.0.30319.36000\", test_version2:\"4.0.30319.36012\"))\n {\n VULN1 = TRUE;\n Vulnerable_range = \"4.0.30319.36000 - 4.0.30319.36012\";\n }\n }\n } ## mscorlib.dll - END\n\n\n\n ## Get version from System.Web.dll file\n dllVer = fetch_file_version(sysPath:path, file_name:\"System.Web.dll\");\n if(dllVer)\n {\n ## .NET Framework 1.1 Service Pack 1 for Windows Server 2003 Service Pack 2\n if((hotfix_check_sp(win2003:3, win2003x64:3) > 0) && \n (version_in_range(version:dllVer, test_version:\"1.1.4322.2000\", test_version2:\"1.1.4322.2504\")))\n {\n VULN2 = TRUE;\n Vulnerable_range = \"1.1.4322.2000 - 1.1.4322.2504\";\n }\n\n ## .NET Framework 2.0 Service Pack 2 for Windows XP Service Pack 3 and Windows Server 2003 Service Pack 2\n if(hotfix_check_sp(xp:4, xpx64:3, win2003:3, win2003x64:3) > 0)\n {\n if(version_in_range(version:dllVer, test_version:\"2.0.50727.3000\", test_version2:\"2.0.50727.3657\"))\n {\n VULN2 = TRUE;\n Vulnerable_range = \"2.0.50727.3000 - 2.0.50727.3657\";\n }\n\n else if(version_in_range(version:dllVer, test_version:\"2.0.50727.7000\", test_version2:\"2.0.50727.7045\"))\n {\n VULN2 = TRUE;\n Vulnerable_range = \"2.0.50727.7000 - 2.0.50727.7045\";\n }\n }\n ## .NET Framework 2.0 Service Pack 2 for Windows Vista Service Pack 2 and Windows Server 2008 Service Pack 2\n if(hotfix_check_sp(winVista:3, win2008:3) > 0)\n {\n if(version_in_range(version:dllVer, test_version:\"2.0.50727.4000\", test_version2:\"2.0.50727.4247\"))\n {\n VULN2 = TRUE;\n Vulnerable_range = \"2.0.50727.4000 - 2.0.50727.4247\";\n }\n else if(version_in_range(version:dllVer, test_version:\"2.0.50727.7000\", test_version2:\"2.0.50727.7044\"))\n {\n VULN2 = TRUE;\n Vulnerable_range = \"2.0.50727.7000 - 2.0.50727.7044\";\n }\n }\n\n ## .NET Framework 3.5 for Windows 8 and Windows Server 2012\n if(hotfix_check_sp(win8:1, win2012:1) > 0)\n {\n if(version_in_range(version:dllVer, test_version:\"2.0.50727.6000\", test_version2:\"2.0.50727.6413\"))\n {\n VULN2 = TRUE;\n Vulnerable_range = \"2.0.50727.6000 - 2.0.50727.6413\";\n }\n else if(version_in_range(version:dllVer, test_version:\"2.0.50727.7000\", test_version2:\"2.0.50727.7044\"))\n {\n VULN2 = TRUE;\n Vulnerable_range = \"2.0.50727.7000 - 2.0.50727.7044\";\n }\n }\n\n ## .NET Framework 3.5 for Windows 8.1\n if((hotfix_check_sp(win8_1:1, win8_1x64:1) > 0) &&\n (version_is_less(version:dllVer, test_version:\"2.0.50727.8001\")))\n {\n VULN2 = TRUE;\n Vulnerable_range = \"Less than 2.0.50727.8001\";\n }\n\n ## .NET Framework 3.5.1 for Windows 7 Service Pack 1 and Windows Server 2008 R2 Service Pack 1\n if(hotfix_check_sp(win7:2, win7x64:2, win2008r2:2) > 0)\n {\n if(version_in_range(version:dllVer, test_version:\"2.0.50727.5400\", test_version2:\"2.0.50727.5478\"))\n {\n VULN2 = TRUE;\n Vulnerable_range = \"2.0.50727.5400 - 2.0.50727.5478\";\n }\n else if(version_in_range(version:dllVer, test_version:\"2.0.50727.7000\", test_version2:\"2.0.50727.7044\"))\n {\n VULN2 = TRUE;\n Vulnerable_range = \"2.0.50727.7000 - 2.0.50727.7044\";\n }\n }\n\n ## .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista,\n ## Windows Server 2008, Windows 7, and Windows Server 2008 R2\n if(hotfix_check_sp(xp:4, xpx64:3, win2003:3, winVista:3, win2008:3, win7:2, win7x64:2, win2008r2:2) > 0)\n {\n if(version_in_range(version:dllVer, test_version:\"4.0.30319.1000\", test_version2:\"4.0.30319.1021\"))\n {\n VULN2 = TRUE;\n Vulnerable_range = \"4.0.30319.1000 - 4.0.30319.1021\";\n }\n if(version_in_range(version:dllVer, test_version:\"4.0.30319.2000\", test_version2:\"4.0.30319.2033\"))\n {\n VULN2 = TRUE;\n Vulnerable_range = \"4.0.30319.2000 - 4.0.30319.2033\";\n }\n }\n ## .NET Framework 4.5 for Windows Vista Service Pack 2, Windows Server 2008 Service Pack 2\n ## Windows 7 Service Pack 1, and Windows Server 2008 R2 Service Pack 1\n if(hotfix_check_sp(win7:2, win7x64:2, win2008r2:2, winVista:3, win2008:3) > 0)\n {\n if(version_in_range(version:dllVer, test_version:\"4.0.30319.18000\", test_version2:\"4.0.30319.18066\"))\n {\n VULN2 = TRUE;\n Vulnerable_range = \"4.0.30319.18000 - 4.0.30319.18066\";\n }\n if(version_in_range(version:dllVer, test_version:\"4.0.30319.19000\", test_version2:\"4.0.30319.19135\"))\n {\n VULN2 = TRUE;\n Vulnerable_range = \"4.0.30319.19000 - 4.0.30319.19135\";\n }\n }\n ## .NET Framework 4.5 for Windows 8 and Windows Server 2012\n if(hotfix_check_sp(win8:1, win8x64:1, win2012:1) > 0)\n {\n if(version_in_range(version:dllVer, test_version:\"4.0.30319.18000\", test_version2:\"4.0.30319.18448\"))\n {\n VULN2 = TRUE;\n Vulnerable_range = \"4.0.30319.18000 - 4.0.30319.18448\";\n }\n if(version_in_range(version:dllVer, test_version:\"4.0.30319.19000\", test_version2:\"4.0.30319.19454\"))\n {\n VULN2 = TRUE;\n Vulnerable_range = \"4.0.30319.19000 - 4.0.30319.19454\";\n }\n }\n\n ## .NET Framework 4.5.1 for Windows Vista Service Pack 2, Windows Server 2008 Service Pack 2\n ## Windows 7 Service Pack 1, and Windows Server 2008 R2 Service Pack 1\n if((hotfix_check_sp(win7:2, win7x64:2, win2008r2:2, winVista:3, win2008:3) > 0) && \n (version_in_range(version:dllVer, test_version:\"4.0.30319.18000\", test_version2:\"4.0.30319.18445\")))\n {\n VULN2 = TRUE;\n Vulnerable_range = \"4.0.30319.18000 - 4.0.30319.18445\";\n }\n\n ## .NET Framework 4.5.1 for Windows 8 and Windows Server 2012\n if((hotfix_check_sp(win8:1, win8x64:1, win2012:1) > 0) &&\n (version_in_range(version:dllVer, test_version:\"4.0.30319.18000\", test_version2:\"4.0.30319.18446\")))\n {\n VULN2 = TRUE;\n Vulnerable_range = \"4.0.30319.18000 - 4.0.30319.18446\";\n }\n\n ## .NET Framework 4.5.1 for Windows 8.1\n if((hotfix_check_sp(win8_1:1, win8_1x64:1) > 0) &&\n (version_in_range(version:dllVer, test_version:\"4.0.30319.34000\", test_version2:\"4.0.30319.34008\")))\n {\n VULN2 = TRUE;\n Vulnerable_range = \"4.0.30319.34000 - 4.0.30319.34008\";\n }\n\n } ## System.Web.dll - END\n\n\n\n ## Get version from vsavb7rt.dll file\n dllVer = fetch_file_version(sysPath:path, file_name:\"vsavb7rt.dll\");\n if(dllVer)\n {\n ## .NET Framework 2.0 Service Pack 2 for Windows Vista Service Pack 2 and Windows Server 2008 Service Pack 2\n if(hotfix_check_sp(winVista:3, win2008:3) > 0)\n {\n if(version_in_range(version:dllVer, test_version:\"8.0.50727.4000\", test_version2:\"8.0.50727.4249\"))\n {\n VULN3 = TRUE;\n Vulnerable_range = \"8.0.50727.4000 - 8.0.50727.4249\";\n }\n else if(version_in_range(version:dllVer, test_version:\"8.0.50727.7000\", test_version2:\"8.0.50727.7050\"))\n {\n VULN3 = TRUE;\n Vulnerable_range = \"8.0.50727.7000 - 8.0.50727.7050\";\n }\n }\n ## .NET Framework 3.5.1 for Windows 7 Service Pack 1 and Windows Server 2008 R2 Service Pack 1\n if(hotfix_check_sp(win7:2, win7x64:2, win2008r2:2) > 0)\n {\n if(version_in_range(version:dllVer, test_version:\"8.0.50727.5400\", test_version2:\"8.0.50727.5480\"))\n {\n VULN3 = TRUE;\n Vulnerable_range = \"8.0.50727.5400 - 8.0.50727.5480\";\n }\n if(version_in_range(version:dllVer, test_version:\"8.0.50727.7000\", test_version2:\"8.0.50727.7050\"))\n {\n VULN3 = TRUE;\n Vulnerable_range = \"8.0.50727.7000 - 8.0.50727.7050\";\n }\n }\n\n } ## vsavb7rt.dll - END\n\n }\n}\n\nif(VULN1)\n{\n report = 'File checked: ' + path + \"\\mscorlib.dll\" + '\\n' +\n 'File version: ' + dllVer + '\\n' +\n 'Vulnerable range: ' + Vulnerable_range+ '\\n' ;\n security_message(data:report);\n}\n\nif(VULN2)\n{\n report = 'File checked: ' + path + \"\\System.Web.dll\" + '\\n' +\n 'File version: ' + dllVer + '\\n' +\n 'Vulnerable range: ' + Vulnerable_range+ '\\n' ;\n security_message(data:report);\n} \n\nif(VULN3)\n{\n report = 'File checked: ' + path + \"\\vsavb7rt.dll\" + '\\n' +\n 'File version: ' + dllVer + '\\n' +\n 'Vulnerable range: ' + Vulnerable_range+ '\\n' ;\n security_message(data:report);\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "mskb": [{"lastseen": "2021-01-01T22:45:22", "bulletinFamily": "microsoft", "cvelist": ["CVE-2014-0257", "CVE-2014-0253", "CVE-2014-0295"], "description": "<html><body><p>Resolves vulnerabilities that could allow elevation of privilege if a user visits a specially crafted website or a website that contains specially crafted web content.</p><h2></h2><div class=\"kb-summary-section section\"><br/><a bookmark-id=\"appliestoproducts\" href=\"#appliestoproducts\" managed-link=\"\" target=\"\">View products that this article applies to.</a><span></span></div><h2>Introduction</h2><div class=\"kb-summary-section section\">This update resolves vulnerabilities that could allow elevation of privilege if a user visits a specially crafted website or a website that contains specially crafted web content.</div><h2>Summary</h2><div class=\"kb-summary-section section\">Microsoft has released security bulletin MS14-009. Learn more about how to obtain the fixes that are included in this security bulletin:<ul class=\"sbody-free_list\"><li>For individual, small business, and organizational users, use the Windows automatic updating feature to install the fixes from Microsoft Update. To do this, see <a href=\"http://www.microsoft.com/security/pc-security/updates.aspx\" id=\"kb-link-1\" target=\"_self\">Get security updates automatically</a> on the Microsoft Safety and Security Center website.<br/></li><li>For IT professionals, see <a href=\"http://technet.microsoft.com/security/bulletin/ms14-009\" id=\"kb-link-2\" target=\"_self\">Microsoft Security Bulletin MS14-009</a> on the Security TechCenter website.</li></ul></div><h2></h2><div class=\"kb-summary-section section\"><h3 class=\"sbody-h3\">How to obtain help and support for this security update</h3>Help installing updates: <a href=\"https://support.microsoft.com/ph/6527\" id=\"kb-link-3\" target=\"_self\">Support for Microsoft Update</a><br/><br/>Security solutions for IT professionals: <a href=\"http://technet.microsoft.com/security/bb980617.aspx\" id=\"kb-link-4\" target=\"_self\">TechNet Security Troubleshooting and Support</a><br/><br/>Help protect your computer that is running Windows from viruses and malware: <a href=\"https://support.microsoft.com/contactus/cu_sc_virsec_master\" id=\"kb-link-5\" target=\"_self\">Virus Solution and Security Center</a><br/><br/>Local support according to your country: <a href=\"https://support.microsoft.com/common/international.aspx\" id=\"kb-link-6\" target=\"_self\">International Support</a></div><h2>More Information</h2><div class=\"kb-moreinformation-section section\"><h4 class=\"sbody-h4\">Known issues and additional information about this update</h4>After you install one of these security updates, marshaling of reflection types may not work as expected over DCOM. For more information about this issue, click the following article number to view the article in the Microsoft Knowledge Base: <div class=\"indent\"><a href=\"https://support.microsoft.com/en-us/help/2934830\" id=\"kb-link-7\">2934830 </a> Marshaling of reflection types may not work over DCOM after you install a security update from security bulletin MS14-009 </div><br/>The following articles contain additional information about this update as it relates to individual product versions. The articles may contain specific information about the individual updates such as a download URL, prerequisites, and command-line switches.<br/><br/><h5 class=\"sbody-h5 text-subtitle\">Microsoft .NET Framework 4.5.1</h5><ul class=\"sbody-free_list\"><li><a href=\"https://support.microsoft.com/en-us/help/2901128\" id=\"kb-link-8\">2901128 </a> MS14-009: Description of the security update for the .NET Framework 4.5.1 for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2: February 11, 2014</li><li><a href=\"https://support.microsoft.com/en-us/help/2898871\" id=\"kb-link-9\">2898871 </a> MS14-009: Description of the security update for the .NET Framework 4.5.1 for Windows 8, Windows RT 8.1, and Windows Server 2012 R2: February 11, 2014</li><li><a href=\"https://support.microsoft.com/en-us/help/2901127\" id=\"kb-link-10\">2901127 </a> MS14-009: Description of the security update for the .NET Framework 4.5.1 for Windows 8, Windows RT, and Windows Server 2012: February 11, 2014</li><li><a href=\"https://support.microsoft.com/en-us/help/2898870\" id=\"kb-link-11\">2898870 </a> MS14-009: Description of the security update for the .NET Framework 4.5.1 for Windows 8, Windows RT, and Windows Server 2012: February 11, 2014</li><li><a href=\"https://support.microsoft.com/en-us/help/2901126\" id=\"kb-link-12\">2901126 </a> MS14-009: Description of the security update for the .NET Framework 4.5.1 for Windows Vista Service Pack 2, Windows Server 2008 Service Pack 2, Windows 7 Service Pack 1, and Windows Server 2008 R2 Service Pack 1: February 11, 2014</li><li><a href=\"https://support.microsoft.com/en-us/help/2898869\" id=\"kb-link-13\">2898869 </a> MS14-009: Description of the security update for the .NET Framework 4.5.1 for Windows Vista Service Pack 2, Windows Server 2008 Service Pack 2, Windows 7 Service Pack 1, and Windows Server 2008 R2 Service Pack 1: February 11, 2014</li></ul><br/><h5 class=\"sbody-h5 text-subtitle\">Microsoft .NET Framework 4.5</h5><ul class=\"sbody-free_list\"><li><a href=\"https://support.microsoft.com/en-us/help/2901119\" id=\"kb-link-14\">2901119 </a> MS14-009: Description of the security update for the .NET Framework 4.5 for Windows 8, Windows RT, and Windows Server 2012: February 11, 2014</li><li><a href=\"https://support.microsoft.com/en-us/help/2898865\" id=\"kb-link-15\">2898865 </a> MS14-009: Description of the security update for the .NET Framework 4.5 for Windows 8, Windows RT, and Windows Server 2012: February 11, 2014</li><li><a href=\"https://support.microsoft.com/en-us/help/2901118\" id=\"kb-link-16\">2901118 </a> MS14-009: Description of the security update for the .NET Framework 4.5 for Windows Vista Service Pack 2, Windows Server 2008 Service Pack 2, Windows 7 Service Pack 1, and Windows Server 2008 R2 Service Pack 1: February 11, 2014</li><li><a href=\"https://support.microsoft.com/en-us/help/2898864\" id=\"kb-link-17\">2898864 </a> MS14-009: Description of the security update for the .NET Framework 4.5 for Windows Vista Service Pack 2, Windows Server 2008 Service Pack 2, Windows 7 Service Pack 1, and Windows Server 2008 R2 Service Pack 1: February 11, 2014</li></ul><h5 class=\"sbody-h5 text-subtitle\">Microsoft .NET Framework 4</h5><ul class=\"sbody-free_list\"><li><a href=\"https://support.microsoft.com/en-us/help/2901110\" id=\"kb-link-18\">2901110 </a> MS14-009: Description of the security update for the .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2: February 11, 2014</li><li><a href=\"https://support.microsoft.com/en-us/help/2898855\" id=\"kb-link-19\">2898855 </a> MS14-009: Description of the security update for the .NET Framework 4 for Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2: February 11, 2014</li></ul><h5 class=\"sbody-h5 text-subtitle\">Microsoft .NET Framework 3.5.1</h5><ul class=\"sbody-free_list\"><li><a href=\"https://support.microsoft.com/en-us/help/2901112\" id=\"kb-link-20\">2901112 </a> MS14-009: Description of the security update for the .NET Framework 3.5.1 for Windows 7 Service Pack 1 and Windows Server 2008 R2 Service Pack 1: February 11, 2014</li><li><a href=\"https://support.microsoft.com/en-us/help/2911501\" id=\"kb-link-21\">2911501 </a> MS14-009: Description of the security update for the .NET Framework 3.5.1 for Windows 7 Service Pack 1 and Windows Server 2008 R2 Service Pack 1: February 11, 2014</li><li><a href=\"https://support.microsoft.com/en-us/help/2898857\" id=\"kb-link-22\">2898857 </a> MS14-009: Description of the security update for the .NET Framework 3.5.1 for Windows 7 Service Pack 1 and Windows Server 2008 R2 Service Pack 1: February 11, 2014</li></ul><h5 class=\"sbody-h5 text-subtitle\">Microsoft .NET Framework 3.5</h5><ul class=\"sbody-free_list\"><li><a href=\"https://support.microsoft.com/en-us/help/2901125\" id=\"kb-link-23\">2901125 </a> MS14-009: Description of the security update for the .NET Framework 3.5 for Windows 8.1 and Windows Server 2012 R2: February 11, 2014</li><li><a href=\"https://support.microsoft.com/en-us/help/2898868\" id=\"kb-link-24\">2898868 </a> MS14-009: Description of the security update for the .NET Framework 3.5 for Windows 8.1 and Windows Server 2012 R2: February 11, 2014</li><li><a href=\"https://support.microsoft.com/en-us/help/2901120\" id=\"kb-link-25\">2901120 </a> MS14-009: Description of the security update for the .NET Framework 3.5 for Windows 8 and Windows Server 2012: February 11, 2014</li><li><a href=\"https://support.microsoft.com/en-us/help/2898866\" id=\"kb-link-26\">2898866 </a> MS14-009: Description of the security update for the .NET Framework 3.5 for Windows 8 and Windows Server 2012: February 11, 2014</li></ul><h5 class=\"sbody-h5 text-subtitle\">Microsoft .NET Framework 2.0</h5><ul class=\"sbody-free_list\"><li><a href=\"https://support.microsoft.com/en-us/help/2901113\" id=\"kb-link-27\">2901113 </a> MS14-009: Description of the security update for the .NET Framework 2.0 Service Pack 2 for Windows Vista Service Pack 2 and Windows Server 2008 Service Pack 2: February 11, 2014</li><li><a href=\"https://support.microsoft.com/en-us/help/2911502\" id=\"kb-link-28\">2911502 </a> MS14-009: Description of the security update for the .NET Framework 2.0 Service Pack 2 for Windows Vista Service Pack 2 and Windows Server 2008 Service Pack 2: February 11, 2014</li><li><a href=\"https://support.microsoft.com/en-us/help/2898858\" id=\"kb-link-29\">2898858 </a> MS14-009: Description of the security update for the .NET Framework 2.0 Service Pack 2 for Windows Vista Service Pack 2 and Windows Server 2008 Service Pack 2: February 11, 2014</li><li><a href=\"https://support.microsoft.com/en-us/help/2901111\" id=\"kb-link-30\">2901111 </a> MS14-009: Description of the security update for the .NET Framework 2.0 Service Pack 2 for Windows XP Service Pack 3 and Windows Server 2003 Service Pack 2: February 11, 2014</li><li><a href=\"https://support.microsoft.com/en-us/help/2898856\" id=\"kb-link-31\">2898856 </a> MS14-009: Description of the security update for the .NET Framework 2.0 Service Pack 2 for Windows XP Service Pack 3 and Windows Server 2003 Service Pack 2: February 11, 2014</li></ul><h5 class=\"sbody-h5 text-subtitle\">Microsoft .NET Framework 1.1</h5><ul class=\"sbody-free_list\"><li><a href=\"https://support.microsoft.com/en-us/help/2901115\" id=\"kb-link-32\">2901115 </a> MS14-009: Description of the security update for the .NET Framework 1.1 Service Pack 1 for Windows Server 2003 Service Pack 2: February 11, 2014</li><li><a href=\"https://support.microsoft.com/en-us/help/2898860\" id=\"kb-link-33\">2898860 </a> MS14-009: Description of the security update for the .NET Framework 1.1 Service Pack 1 for Windows Server 2003 Service Pack 2: February 11, 2014</li></ul><h5 class=\"sbody-h5 text-subtitle\">Microsoft .NET Framework 1.0</h5><ul class=\"sbody-free_list\"><li><a href=\"https://support.microsoft.com/en-us/help/2904878\" id=\"kb-link-34\">2904878 </a> MS14-009: Description of the security update for the .NET Framework 1.0 Service Pack 3 for Windows XP Service Pack 3 Tablet PC Edition and Windows XP Service Pack 3 Media Center Edition: February 11, 2014</li></ul></div><h2></h2><div class=\"kb-moreinformation-section section\"><h4 class=\"sbody-h4\">Update replacement information</h4>Update replacement information for each specific update can be found in the Knowledge Base articles that correspond to this update.</div><h2></h2><div class=\"kb-moreinformation-section section\"><div class=\"faq-section\" faq-section=\"\"><div class=\"faq-panel\"><div class=\"faq-panel-heading\" faq-panel-heading=\"\"><span class=\"link-expand-image\"><span class=\"faq-chevron win-icon win-icon-ChevronUpSmall\"></span></span><span class=\"bold btn-link link-expand-text\"><span class=\"bold btn-link\">File hash information</span></span></div><div class=\"faq-panel-body\" faq-panel-body=\"\"><span><div class=\"kb-collapsible kb-collapsible-collapsed\"><div class=\"table-responsive\"><table class=\"sbody-table table\"><tr class=\"sbody-tr\"><th class=\"sbody-th\">File name</th><th class=\"sbody-th\">SHA1 hash</th><th class=\"sbody-th\">SHA256 hash</th></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">MSIPatchRegFix-AMD64.exe</td><td class=\"sbody-td\">5011CB29B096FB674A4795EE8FC2F7FDAD33863A</td><td class=\"sbody-td\">BA62C33DD90ECC3C945AE4F52EEEB2FA07D2C53FB975263B483D09D80F02230D</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">MSIPatchRegFix-IA64.exe</td><td class=\"sbody-td\">CB861EAF1F4CDFFAD5F83604C7250CD9EDD96433</td><td class=\"sbody-td\">61867793FC7556B79E5833CC18F493A5611EDE94E0D944575E89BAA76B223A0D</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">MSIPatchRegFix-X86.exe</td><td class=\"sbody-td\">94A84B80B8B45A1AC53A0E5D085513DA0F099655</td><td class=\"sbody-td\">C83C5EE1D4FBFF5260A7D984471EAF4C6004431C21B4F661018BDB92CC124290</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">NDP1.0sp3-KB2904878-X86-Ocm-Chs.exe</td><td class=\"sbody-td\">4988B3C4F4EFBF083EB3971B9A1055AF17AE3E4C</td><td class=\"sbody-td\">6D954959FA716135A6F481A9E76AE443899AF5BEBD42FE8D3BB070069445C241</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">NDP1.0sp3-KB2904878-X86-Ocm-Cht.exe</td><td class=\"sbody-td\">3720CEA93D60891F7B283A93AAA2B333D7C0764B</td><td class=\"sbody-td\">E265B85C403FEB4A628D40349754BAA114C8FB259F72905EF90726F8FF50B37F</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">NDP1.0sp3-KB2904878-X86-Ocm-Deu.exe</td><td class=\"sbody-td\">ED48AEF7E81DCCDFBD0D8CF438D8E943293135A3</td><td class=\"sbody-td\">129821D9416B67A6B7FDF3BEC4E95C056EF26D20A70C3D8FBEFB0AFF1E45F27D</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">NDP1.0sp3-KB2904878-X86-Ocm-Enu.exe</td><td class=\"sbody-td\">CC2BCD12A0043AB5CF140ABC3D95C529D72D8681</td><td class=\"sbody-td\">3B4DB976DDAF5DC34954940FFB56401CB281AD65188F8CCFE56959820719DA28</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">NDP1.0sp3-KB2904878-X86-Ocm-Esn.exe</td><td class=\"sbody-td\">0C32F87BE754839E2296D26797CFC8EB51F57B17</td><td class=\"sbody-td\">E71056435EBA96B7B10FA0853B04CDA5AA08F499332AD9760CF017B0D70073C2</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">NDP1.0sp3-KB2904878-X86-Ocm-Fra.exe</td><td class=\"sbody-td\">5B43519F41987CF18D8DBAAB968E3E004CDB8112</td><td class=\"sbody-td\">89795C645362358540834BA39943BA8CC74FE6317724154319DFE9E6D5D10E38</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">NDP1.0sp3-KB2904878-X86-Ocm-Ita.exe</td><td class=\"sbody-td\">09A6786910C56592CC7BD0DB5E5E3927A5CBD511</td><td class=\"sbody-td\">CA9B1ED0FF15DBCE43FBA5DCC7B379140D13D23613CB0BE7A31F2938CB97A790</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">NDP1.0sp3-KB2904878-X86-Ocm-Jpn.exe</td><td class=\"sbody-td\">59262F359B40EB9F83275535E2BBF1420F525B1A</td><td class=\"sbody-td\">E8C07501290093D36216A7E22FD9A281EB61DE55822BA90D023472A48A45F8CA</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">NDP1.0sp3-KB2904878-X86-Ocm-Kor.exe</td><td class=\"sbody-td\">9D0E419C4930201A5F1745FFAD4F9A6C3FB3DEC0</td><td class=\"sbody-td\">4D62A971105598B6BE7E1CEAFFC7CF4A1A70A8B62F91C5C90B241136BDE562F0</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">NDP1.0sp3-KB2904878-X86-Ocm-Nld.exe</td><td class=\"sbody-td\">E6F48310E8BED2AB893E795383813B553BFEFFEB</td><td class=\"sbody-td\">ADCCEB4729B35052D06BFF26204F803E88030838D6535216EC509CE7EB33F7F5</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">NDP20SP2-KB2898856-IA64.exe</td><td class=\"sbody-td\">BD20ED1C6C0B1421CE0EF21475D20503F58580A5</td><td class=\"sbody-td\">973E107EF139372CDA16567A9B81EEA9CE537D2B674900A9FBB6D10D1129E6F0</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">NDP20SP2-KB2898856-x64.exe</td><td class=\"sbody-td\">C653217E5686C52DC5ECD04E585085DEC24231F5</td><td class=\"sbody-td\">7E9D795AED9DF8B65A44F6EBDA87E34B76B70F8A12D800D2CE8A9AC8B9B45BBD</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">NDP20SP2-KB2898856-x86.exe</td><td class=\"sbody-td\">2B7B7F57A6D659EE926A6E381B388FFF8BC3FD3E</td><td class=\"sbody-td\">A9A99298A357701EF9C0D008DE65E2B821BD75B79F692EE4E6672805B85A9380</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">NDP20SP2-KB2901111-IA64.exe</td><td class=\"sbody-td\">9F40B727F000C938E1DFCC694634F12CF9E43D25</td><td class=\"sbody-td\">F7AA46F643413B853B88834A4EB98308C69F8A1ABE919B95E5FDA0AEF598E8D7</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">NDP20SP2-KB2901111-x64.exe</td><td class=\"sbody-td\">FB628E658E956629414361DF1664CFF39C5E2DD0</td><td class=\"sbody-td\">29A11ABBF127B52FAE86E0D9031829BC94124EF615DFA3BBB1E7C5E56AC567DD</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">NDP20SP2-KB2901111-x86.exe</td><td class=\"sbody-td\">610083BD9139A2BC3FBDCD026E2D0CCE11CAFBC0</td><td class=\"sbody-td\">FC4C7BCCAF00EF80AAC607264864902F91B6C9786AF3886DCB600CB1C06EAFE7</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">NDP40-KB2898855-v2-IA64.exe</td><td class=\"sbody-td\">420B0D1E15D793F9AFEBD6968845C3512BE98591</td><td class=\"sbody-td\">EE5B748BB94B953021C848E13D0571FC7812DBB0CC24B991EC52738B257DF59A</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">NDP40-KB2898855-v2-x64.exe</td><td class=\"sbody-td\">E083C7A371D2F191BDC6DE6E233A0CE0C3411D8A</td><td class=\"sbody-td\">66480998C77715E9C34B9D94737959DEFEF649A7DCAD3E36BC0924DB0479D9D5</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">NDP40-KB2898855-v2-x86.exe</td><td class=\"sbody-td\">3B05125DAB14ECD4D8C804848F39AC66F6941511</td><td class=\"sbody-td\">DDDE50C7F3836B75ED957C2244A1AD682C45DB8788A025D192D85C8057DAA16D</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">NDP40-KB2901110-v2-IA64.exe</td><td class=\"sbody-td\">B3CAD8C0E7272C22C1B9C8776DC01FF1C5408395</td><td class=\"sbody-td\">2FFA480080814FE7D8D8FFC2FD183792EE58CDD4533BA4CBE5DE328585AF58F2</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">NDP40-KB2901110-v2-x64.exe</td><td class=\"sbody-td\">16EE7134D0906A79778C8B404291BA39C68792F7</td><td class=\"sbody-td\">0BCDF04D29EFCD53356D64A52044D8A765F6C5B828E74C8EB406D78885570F9F</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">NDP40-KB2901110-v2-x86.exe</td><td class=\"sbody-td\">9E9C5C03AEFBF129DDA5F03906D920C5B5F2B36F</td><td class=\"sbody-td\">7D3996F730DF79DB2DA7834B771F4A295C63DB975C0C327657B77361EAEADCB8</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">NDP45-KB2898864-x64.exe</td><td class=\"sbody-td\">BEDEDC7AEE671F13850CBA58B9C67C9CCABA43F3</td><td class=\"sbody-td\">C83BCAE73C8BAD056915810186C3E975AC7C7904944FE1C4C1F05E836975EA8A</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">NDP45-KB2898864-x86.exe</td><td class=\"sbody-td\">4EAED61B2AE9E4D78BA90326DE58512C52EBA005</td><td class=\"sbody-td\">74366C14A00A6A1342E3DA05709D384526BB831FBA864034C32399DEE8944ED1</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">NDP45-KB2898869-x64.exe</td><td class=\"sbody-td\">8AA5629EDD3AD58527C79009081B9DFF5E6B4ADF</td><td class=\"sbody-td\">B71585D718E412D532899A8CF66EC0DDE1314C8F4852E00986EF0097CA66035A</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">NDP45-KB2898869-x86.exe</td><td class=\"sbody-td\">03C2BB082A37D2C944D066BA1106D3A109A5460B</td><td class=\"sbody-td\">CADA9A68165C80CD3365644CBDE0928AF8041109B53E2C7D4EDB30047B0E50F0</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">NDP45-KB2901118-x64.exe</td><td class=\"sbody-td\">948B9C9F12F72D5E6F2460738202F5BEA9387DAA</td><td class=\"sbody-td\">513CF69C58F0B57566DAB0EAFB9C87E8ABB5E3B17309041C20775904D932A51D</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">NDP45-KB2901118-x86.exe</td><td class=\"sbody-td\">126A57BA98B72696328D3E1E3B060D43926EB6E5</td><td class=\"sbody-td\">50B0894CD05E294CCD9F9CC8571C72B5C6224806ACCC935BEA950445C30C2070</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">NDP45-KB2901126-x64.exe</td><td class=\"sbody-td\">99E49CB7E11D19A517425409D430A3DAD34BD3CF</td><td class=\"sbody-td\">96E51FB29BA3950AD4B2AFD9E04CFC904CAA8DF5793571B66CF55D644D0DDD84</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">NDP45-KB2901126-x86.exe</td><td class=\"sbody-td\">D279D017F62227ABAB4B61661A442E1A2B3771C9</td><td class=\"sbody-td\">B6D10A77D6D5A14A74B449B1FB2B34B62E44175FECB3CC1779E532FC1AD3C105</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Windows6.0-KB2898858-ia64.msu</td><td class=\"sbody-td\">E5E8C81D7261452289120DD46AAD1B89BAF4B40A</td><td class=\"sbody-td\">C479A4524C25F61367661D9913F06F3DFBB4E2173DD54E701C9832C290F88BDD</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Windows6.0-KB2898858-x64.msu</td><td class=\"sbody-td\">ABCD106ED343E14AD6537046E5945B6D9AE6DE62</td><td class=\"sbody-td\">C24F835E34C14D970CB8BF7670D1A1C2523FDB070A16215BCA4C6CDE0C1BF3C2</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Windows6.0-KB2898858-x86.msu</td><td class=\"sbody-td\">801BD275E46D2BD6C7937C5F1300A1E493C182A3</td><td class=\"sbody-td\">F6BEEE8C29EB55ABED9D95BCAC815DA97E5734F99BD6247C1619AC4968B68D67</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Windows6.0-KB2901113-ia64.msu</td><td class=\"sbody-td\">38B6F053764B77F556E7560DA376521000682A21</td><td class=\"sbody-td\">80742F7CB78A03841F1F66FBF584C9E792455B8B394795EFB5A03D60FEFE804F</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Windows6.0-KB2901113-x64.msu</td><td class=\"sbody-td\">216A35BF2B5E7782B1480D5CDD9B647CB3B2243C</td><td class=\"sbody-td\">1E630D2EA29D4615F7A6E5D7352DDB8ED86112A1735E103D4361B05EEF3243CD</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Windows6.0-KB2901113-x86.msu</td><td class=\"sbody-td\">05617C64C3776658D625D3E99C398A87468C261B</td><td class=\"sbody-td\">B9298C5417E9E8F9E33CA0C18617EA90BA8FDB3BBE6912E6D6D0E3F8F7AABD3D</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Windows6.0-KB2911502-ia64.msu</td><td class=\"sbody-td\">4AA5A400645E2A24BBF7E68570B5D08D813B118C</td><td class=\"sbody-td\">C72012CD27E4FDE79D212594975351C8CF09E1499A4A82A76B488F0DB1A77DA9</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Windows6.0-KB2911502-x64.msu</td><td class=\"sbody-td\">2069D275A00DFDAD4000682519B87A111F68B4FE</td><td class=\"sbody-td\">D32D5E95AA4C1C3C38BDE7F684A24655CFFD8AABEA67BB14A524A8079AE52DCC</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Windows6.0-KB2911502-x86.msu</td><td class=\"sbody-td\">9F387A572CFDEA7CAB68032CFE62E683283706DE</td><td class=\"sbody-td\">DFD2806DA183EF2FC9356D06BB231AB2090FE191183C9104F53CF8112208956D</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Windows6.0-KB980842-ia64.msu</td><td class=\"sbody-td\">2A2A67B37490C495E23B1EC709BACA49D06F0272</td><td class=\"sbody-td\">9494EDBFFE5DF90060C253C6E185DC2EE9739C144BCF1B25C2F42914078752EC</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Windows6.0-KB980842-x64.msu</td><td class=\"sbody-td\">56CCB4131E94F0E4740AC65D54603AD9A2F32FDE</td><td class=\"sbody-td\">CC84E048D5B9A0F35F9FE981C1F0FCA67261D0C07B026B18B5626DE9ED97C6F1</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Windows6.0-KB980842-x86.msu</td><td class=\"sbody-td\">A6FC223B39B42789FF7A319AFEFF86DF2913D187</td><td class=\"sbody-td\">C41C2294AC8CEDE7308711183F8E0FA5BE9208ACBEEF5DB347BE6E0C8AF2E4AA</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Windows6.1-KB2898857-ia64.msu</td><td class=\"sbody-td\">11A5CE5906D619D2ED0D47D4B795DBE0BC94D437</td><td class=\"sbody-td\">B50FAAABA0219B45D6A8A0DA6CF9212F88DB34ECEF3B626973C661470B12494B</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Windows6.1-KB2898857-x64.msu</td><td class=\"sbody-td\">C6960541776B7CC108BE7EAB97EAF3FDBB26A666</td><td class=\"sbody-td\">20F23E9A5A694CF818FE060F105088BE36A4958A5D390B21389A8C0AEA3611DC</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Windows6.1-KB2898857-x86.msu</td><td class=\"sbody-td\">B68F448F8E31E461F352C5BF03EEDEEBB8375DDE</td><td class=\"sbody-td\">60B4E1BFBCC980CA3FD9BF8C6FA9D779F056ED964899918724C8A98AAE1F5E37</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Windows6.1-KB2901112-ia64.msu</td><td class=\"sbody-td\">2C264C37273F2EF2C70B5B678C7456817BD66235</td><td class=\"sbody-td\">274585BB3D61083D4652F77F3E82335BF99FE2C04B6C093E76568F3B4412D16E</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Windows6.1-KB2901112-x64.msu</td><td class=\"sbody-td\">BE8E7867485AAC34F9549F2F7FE0F9E8B15DA18F</td><td class=\"sbody-td\">E78A8ECFE8F74007517D2F3968AB47F00B0BA10E5C0356D6F773ED2F29E9C31C</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Windows6.1-KB2901112-x86.msu</td><td class=\"sbody-td\">15A3ACDA97F7C9AE092DB4604CF6C80562B4D06F</td><td class=\"sbody-td\">460A8B0D540BAEF742C6A5A5BF62475C7B7DE72F61F0072E985F0112D62751DC</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Windows6.1-KB2911501-ia64.msu</td><td class=\"sbody-td\">52B266C032BC98EE3DEB9263A09E92ABF3E5333F</td><td class=\"sbody-td\">B22D07795E388CF44860EE963C492B0BED29B4F4DC72CB1F4E316FE6DED8DA25</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Windows6.1-KB2911501-x64.msu</td><td class=\"sbody-td\">8C304D7A8A79AF75507086623DC8873EB2FD28C0</td><td class=\"sbody-td\">377018DA28F1E67F907FBB0BE29BD6EFF925E87938CE7427E6CC984599F4B2FF</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Windows6.1-KB2911501-x86.msu</td><td class=\"sbody-td\">5A0D066E5A944D4568D34A4C19CCB050C3DCC069</td><td class=\"sbody-td\">5FBE088F8C19A194FD9EB53FC4E4D8B6D6EC6C04314B337A19D2E0B69B3DC611</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Windows8-RT-KB2898865-x64.msu</td><td class=\"sbody-td\">4280D6D4FA6FB2D4AEA9E3C9F09550B59975BF49</td><td class=\"sbody-td\">79F5129D08EBF5785C92F3D2B829242C8E35B7C98D5158D77BCE3A49446656EF</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Windows8-RT-KB2898865-x86.msu</td><td class=\"sbody-td\">8A4D26974DC77C57A9415917A5E01BB41265A417</td><td class=\"sbody-td\">6635B18BF1EB51A13C2BDF7CE5493BCC0CA578CB2B1C46F15DB6ED99436468E6</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Windows8-RT-KB2898866-x64.msu</td><td class=\"sbody-td\">B07933EF7ECD4F57C8FAF9EBF988D6652C23C72A</td><td class=\"sbody-td\">BD3CE2DFC824EA2715C07B7086F7D7B4F2F30A26D0B5954EF9E7EA5902DA0521</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Windows8-RT-KB2898866-x86.msu</td><td class=\"sbody-td\">85151E65E518AD52A9735BB50C016AEE56D5D737</td><td class=\"sbody-td\">BEE4BF219C0D3D8763C5D7FB73565F28A9431F1B71275C7C74B0EAE71D6862CD</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Windows8-RT-KB2898870-x64.msu</td><td class=\"sbody-td\">38492B5E477712A4ADA99B373CDBE0F71A0FEEFB</td><td class=\"sbody-td\">D3D4F08796205C4990DDADB950130BD28AEC5DE32C1EE30F68968E0B77D43BF0</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Windows8-RT-KB2898870-x86.msu</td><td class=\"sbody-td\">7EF6E4C0F1654AABD2D914EBE8725D54F498BC22</td><td class=\"sbody-td\">69D22C7107643956BA987D37C08726388F11DC842B38D2117158BB8EEF4211F4</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Windows8-RT-KB2901119-x64.msu</td><td class=\"sbody-td\">1EC4C9BF7B9F8A9E9EEBF3FA04D41FC82752E05C</td><td class=\"sbody-td\">393A831E0F69C4F41591D58D97C2D6C31242EB9C6A3182AEF6BAB6A70DA68F1A</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Windows8-RT-KB2901119-x86.msu</td><td class=\"sbody-td\">BD06D55E0BA591941F33531FDDAB3C51560780FC</td><td class=\"sbody-td\">599C04834D42FC6AF2A0AEEBD084B8ED600C1E11067FFE91BF1D94A46260A2F2</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Windows8-RT-KB2901120-x64.msu</td><td class=\"sbody-td\">EFFC0CFF3BC7DBD4629233CA41AC57601ACE59B8</td><td class=\"sbody-td\">59E2ABA93938B8D26192EF0D9D87C48804B36AA10C5439B8D0A6925E567CF9AB</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Windows8-RT-KB2901120-x86.msu</td><td class=\"sbody-td\">8691306CA5B3B6859D9BB167484A0F5520A950D7</td><td class=\"sbody-td\">C4C0A14083D319A93192C246ACD6867A50BF2302C9BBFB9258C05EFCB1275471</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Windows8-RT-KB2901127-x64.msu</td><td class=\"sbody-td\">929F6F528B25FC64BC02780119F768F65C38D027</td><td class=\"sbody-td\">6C395DACF2CE290234F484881B8453C85EB51A3EE0A4EBFBC5CF43C121C4ED91</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Windows8-RT-KB2901127-x86.msu</td><td class=\"sbody-td\">050C4E57D772446C9B88F19F52E66EA54B4D3838</td><td class=\"sbody-td\">19FD402A28F273CB02070C794CEEE282320B484153D5DB1A4A4AE364733E0C1C</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Windows8.1-KB2898868-x64.msu</td><td class=\"sbody-td\">5552473818955B427E7F719F2489290D5F873E7B</td><td class=\"sbody-td\">210C15DBE11957270BD1BA9922BAF05F1C5091153A9119AD4A0B743E7C078AE3</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Windows8.1-KB2898868-x86.msu</td><td class=\"sbody-td\">361BB76E7D3148F8E1DE13C1DF65258A783616AA</td><td class=\"sbody-td\">A60120602DC90717CA6A210EE58EEA172B77C17868803BE2702DD552D5BC7E20</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Windows8.1-KB2898871-x64.msu</td><td class=\"sbody-td\">63EC4BF3697E4DEFD7296F52D1E0D19C2601788E</td><td class=\"sbody-td\">4918BC1B168B2A15D23AFCBDFCB35EF903DD390BA77F8BAFF4E50DB8FAA49719</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Windows8.1-KB2898871-x86.msu</td><td class=\"sbody-td\">27F94C63A80C3C26FA2A552BCF5B14721B88CE18</td><td class=\"sbody-td\">6206770DC71EE4F09A8C610B97108751EAD16626823395CD85691232C636071F</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Windows8.1-KB2901125-x64.msu</td><td class=\"sbody-td\">3F3945787AA3C93A57B31860783C8F1188203F9B</td><td class=\"sbody-td\">41D7178C4B5F5B5527C5C942208D1BF1FFDFF9EF35D22E5B0A376FE8EB7A97A7</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Windows8.1-KB2901125-x86.msu</td><td class=\"sbody-td\">04962399E2D5574CBC511AEDDF2D4B96A42CED11</td><td class=\"sbody-td\">EC1B602D311205AC020DA59129F0FA5ACB73D7D8F87481058DB9E4EFDF293FC0</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Windows8.1-KB2901128-x64.msu</td><td class=\"sbody-td\">5A34F813EE10073058A367FBEA976DCE62AD9BCF</td><td class=\"sbody-td\">E495DE6C6FA9609561BBF526B8850D2450E0AB811F8CDB91AA8261F24F411BAA</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Windows8.1-KB2901128-x86.msu</td><td class=\"sbody-td\">C277D40CAAE1365EFF9881AB88A40CCF82E3821D</td><td class=\"sbody-td\">B0E03589D5E7E3C7E981CC2AF86E64A7F85D3068F16D445923BF663159B42B4F</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">WindowsServer2003-KB2898860-x86-CHS.exe</td><td class=\"sbody-td\">6578997B28825B6CB43D3B96C74003C123ABD73D</td><td class=\"sbody-td\">8391A7FD2F85E50B3DE93C92E1255E7AF56A1F49D654AE5AE7C5FE35978254F1</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">WindowsServer2003-KB2898860-x86-CHT.exe</td><td class=\"sbody-td\">993CE34072501EECB264791DF489C3428FFCFE70</td><td class=\"sbody-td\">58FF5F37B35B0D9F482DDA42013B597098705828371DF6F53C8796B894F56993</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">WindowsServer2003-KB2898860-x86-CSY.exe</td><td class=\"sbody-td\">016F315AD297E74E6BE378F03D27D75740D5022C</td><td class=\"sbody-td\">1B81391671353BA4BE270F337482891E1CC8B382D43DE4B31F86D8FA38C4CEF1</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">WindowsServer2003-KB2898860-x86-DEU.exe</td><td class=\"sbody-td\">3EFCFA4159F603DC4F51F3AE7F3DE3B19CB1A6E9</td><td class=\"sbody-td\">A71510CEB811AE13292AEEE2CB4F5F6003E93E98835CE1A393BE5BA93A29C3E6</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">WindowsServer2003-KB2898860-x86-ENU.exe</td><td class=\"sbody-td\">61723C06D0615E0C5C1DA9EFA0A0D2B4317757DC</td><td class=\"sbody-td\">670C0A4350D1F3E841BE9402B2C72E95B910CD56D915228B7E6B0F1769105AC3</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">WindowsServer2003-KB2898860-x86-ESN.exe</td><td class=\"sbody-td\">A8F84BA1C4A537297B942220B9AC11B1D5CFC5B3</td><td class=\"sbody-td\">E955CB16C47C9BEA6A00DD74FF0298E437DAB54B88DE806FDC0467F95FFAFCA6</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">WindowsServer2003-KB2898860-x86-FRA.exe</td><td class=\"sbody-td\">C1BF8F9414984C7AC87046FB97E3B7760266A4F3</td><td class=\"sbody-td\">483ED066D0212B1952814B743FA7C81C37E3800FF6C7E306066B3AADAA47BF1C</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">WindowsServer2003-KB2898860-x86-HUN.exe</td><td class=\"sbody-td\">5079406E3F5FC6860B41D160A44D4B2DC6D640E1</td><td class=\"sbody-td\">DA8C65065104996E31E9556CF3BB7DEE7034D708888F141F77B7CBD5D952E38B</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">WindowsServer2003-KB2898860-x86-ITA.exe</td><td class=\"sbody-td\">78030B9BF74E05F1CE90DB46CC8A681A9045A773</td><td class=\"sbody-td\">8CCB809C948B212C9339AF1AD576F4FE973EBDC3AD2226C9455F75BFEF320DCD</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">WindowsServer2003-KB2898860-x86-JPN.exe</td><td class=\"sbody-td\">3141F656983263F3909E59E54B597D40884B0A9A</td><td class=\"sbody-td\">BF8F96FEF79C0EA7B27A0346F476E8F67AFFDE2B572E9E58809FAA28D8659A4C</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">WindowsServer2003-KB2898860-x86-KOR.exe</td><td class=\"sbody-td\">DBE6D33B97F7203696BB0F64FD89D3EF109D3758</td><td class=\"sbody-td\">9212A5151257AF5D5D6EF81E4A5DAD31849CE28E150F61C08B5C233F19C4AA6E</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">WindowsServer2003-KB2898860-x86-NLD.exe</td><td class=\"sbody-td\">6575A296E7A4EFDE0B77D6FE9F6192AC1E43678D</td><td class=\"sbody-td\">E8E2BA5A266C5F3FE97377B9A9AE9228627EBAB53C3B27794B7A864963CA7356</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">WindowsServer2003-KB2898860-x86-PLK.exe</td><td class=\"sbody-td\">27E021527FEFE497DB4AC8312D48E491574D772B</td><td class=\"sbody-td\">413F99D31798494799C1A5659D56AF8494CD70A16315C5E7F7D4B5B9DD9BC3F3</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">WindowsServer2003-KB2898860-x86-PTB.exe</td><td class=\"sbody-td\">8425973B29F5EACD03BDA3972C6D5EBE7E4EA19C</td><td class=\"sbody-td\">E5F85322413D73E5FCC2F210B7315585698FDB307E58539139831C066BC86B2B</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">WindowsServer2003-KB2898860-x86-PTG.exe</td><td class=\"sbody-td\">8C4ED3EA1F2885D45EE4D6A5E1430C40C25D2173</td><td class=\"sbody-td\">F991B8D73B4CB43C1E721522C0263CB2EEC9AF40298056365024B0A8B8026356</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">WindowsServer2003-KB2898860-x86-RUS.exe</td><td class=\"sbody-td\">FE389FC21CFDD22B613E0C5F933DE7BDE9953AF2</td><td class=\"sbody-td\">30EC3420CBADA19797AF0BB2E7FA2CBEA058562BFCF0156CCA4E55C924DC5237</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">WindowsServer2003-KB2898860-x86-SVE.exe</td><td class=\"sbody-td\">B89139D8DC7E316268AAB8FDE94C44F320FD741D</td><td class=\"sbody-td\">E1CB750463545730C6163F2C966D21AEB4F22A30F53B13791D8F97652096A4EA</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">WindowsServer2003-KB2898860-x86-TRK.exe</td><td class=\"sbody-td\">B88FB4F74425620BA645BCCCF6FD4F686E26566F</td><td class=\"sbody-td\">7FAEE3869A8486D5470FB35427369C679C8B260A77AFF79A9DABE2C25ECCB1F6</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">WindowsServer2003-KB2901115-x86-CHS.exe</td><td class=\"sbody-td\">6486673019C9E9D918AB3EA904D5915DCF7186ED</td><td class=\"sbody-td\">4AA5A808857E8A650B3D1EFFE85D3632C5B76ED604950612AB23B68B190A66AA</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">WindowsServer2003-KB2901115-x86-CHT.exe</td><td class=\"sbody-td\">157193E79CFE0C91CF9C6AA2BAA6AEAC100A6F57</td><td class=\"sbody-td\">14618501BA27C9B177FD41702B9A5BD28FDB0A859A8B0934A236C00E08C9F600</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">WindowsServer2003-KB2901115-x86-CSY.exe</td><td class=\"sbody-td\">EA232151CE96AA978A9325B3F556CED51C45ABDF</td><td class=\"sbody-td\">813EB112671A890B80B76EE1C3F9D94D56F2DEEDD203407D36311D0C74540B02</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">WindowsServer2003-KB2901115-x86-DEU.exe</td><td class=\"sbody-td\">0F64F857493DA169DE114B53E8436C4C8C753AF6</td><td class=\"sbody-td\">74CA38469BCCC19659A9C8230C0C1E16A9BF4CC074E13B8EC6D734EB39149D1D</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">WindowsServer2003-KB2901115-x86-ENU.exe</td><td class=\"sbody-td\">D284B8F53E6464C2122C568009A21F9A3291A989</td><td class=\"sbody-td\">891EC5D171E3A073C6AB9F9E83E6F15673A6D7D472B1082AB60A430B15CC0252</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">WindowsServer2003-KB2901115-x86-ESN.exe</td><td class=\"sbody-td\">CB3877089F2245EC09CF1F519CF3C1814644A792</td><td class=\"sbody-td\">B63B9543477AC99B577F93BAA9DDAAD2517646321929311DEEDB00C6B8E1B552</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">WindowsServer2003-KB2901115-x86-FRA.exe</td><td class=\"sbody-td\">B9843716F46F8DF9A4B36BCC7E649C33086BFC8E</td><td class=\"sbody-td\">EF6C366A13778FC0721D8B0F424DFB1C18C9EC6258253DF83D1881CACDEA4853</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">WindowsServer2003-KB2901115-x86-HUN.exe</td><td class=\"sbody-td\">7A10FA4F164C59E6CD3F2ECDECB997A4AA8A9D1B</td><td class=\"sbody-td\">9B6F4661F95D4A56326EFE407F31DD856BA97C7E0848139C4426920BD47F62D9</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">WindowsServer2003-KB2901115-x86-ITA.exe</td><td class=\"sbody-td\">39851C9C7C7C6B5846FF75E80860B68419D59B34</td><td class=\"sbody-td\">9A35FECFEB1DE11E3ACFE476948758DFDB2F495BC593897A6A0DD896941AAB3C</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">WindowsServer2003-KB2901115-x86-JPN.exe</td><td class=\"sbody-td\">60B32AE4555FF1E576CFBA41B4D631C3BEAD44EF</td><td class=\"sbody-td\">54973EE8EC356FA6D968FBAF622C5EDE1720FE49316E0E06093573FA2D403326</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">WindowsServer2003-KB2901115-x86-KOR.exe</td><td class=\"sbody-td\">D136759F894F7F9ED8A0CA105AA24D95A6540AAB</td><td class=\"sbody-td\">E70D4F8EACE8676B693CDAB4172C108DD2759723B966520F5589820A442F1D50</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">WindowsServer2003-KB2901115-x86-NLD.exe</td><td class=\"sbody-td\">A75ADA18C4DAE7E536A425620DEBEADF4CAFC89A</td><td class=\"sbody-td\">B6648AE6450F5AD09D67A294B3D319596C6A630147E7AC56E7D322C8221EB440</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">WindowsServer2003-KB2901115-x86-PLK.exe</td><td class=\"sbody-td\">E33A45748FB63583F64A9860AA4D380D12351131</td><td class=\"sbody-td\">5CAE45881A45954849DD1BFE340320AD2E7296F6EA98BA4ED464BC2240EC07BD</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">WindowsServer2003-KB2901115-x86-PTB.exe</td><td class=\"sbody-td\">9EF59975B3E57E5A31A229C58005E53FEB339A9E</td><td class=\"sbody-td\">0C29CF0C0427A5FFFA1A3A8A9F17E60419E1A01C88310E266731B4521EAEF7C2</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">WindowsServer2003-KB2901115-x86-PTG.exe</td><td class=\"sbody-td\">1511FDE28E174D858A9E200103293FCF787E1213</td><td class=\"sbody-td\">C603D947D5370B531CE5C4E041253B04881D00323019934E3C6B371C5FA3E0F8</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">WindowsServer2003-KB2901115-x86-RUS.exe</td><td class=\"sbody-td\">746DC8346319313AB7952AACC97134CA771C5D4E</td><td class=\"sbody-td\">FD9C030EB4A6938618A0CF5B1C1E3FBB2FC5E7A82F7D8FDE515C3416D228FD8C</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">WindowsServer2003-KB2901115-x86-SVE.exe</td><td class=\"sbody-td\">0ED13DA27D13B001FA4CAEF36D0C50079E2C6737</td><td class=\"sbody-td\">D6259C824E7ECF6D7D53F3C999F248A1BE56D1DAD3D97EB3E710E8EA89B5D2C5</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">WindowsServer2003-KB2901115-x86-TRK.exe</td><td class=\"sbody-td\">3859EE0B8BAE77DBFDD108A4C188A4E2092CD886</td><td class=\"sbody-td\">2F3583137EB70D6A2B23D6F8CC334CE21EBFC7379745D3982F6EB5881A6F7C6D</td></tr></table></div></div><br/></span></div></div></div></div><h2></h2><div class=\"kb-moreinformation-section section\"><a class=\"bookmark\" id=\"appliestoproducts\"></a><br/><h3 class=\"sbody-h3\">Applies to</h3>This article applies to the following:<ul class=\"sbody-free_list\"><li>Microsoft .NET Framework 4.5.1 when used with:<ul class=\"sbody-free_list\"><li>Windows 8.1</li><li>Windows RT 8.1</li><li>Windows Server 2012 R2</li><li>Windows 8</li><li>Windows RT</li><li>Windows Server 2012</li><li>Windows 7 Service Pack 1</li><li>Windows Server 2008 R2 Service Pack 1</li><li>Windows Vista Service Pack 2</li><li>Windows Server 2008 Service Pack 2</li></ul></li><li>Microsoft .NET Framework 4.5 when used with:<ul class=\"sbody-free_list\"><li>Windows 8</li><li>Windows RT</li><li>Windows Server 2012</li><li>Windows 7 Service Pack 1</li><li>Windows Server 2008 R2 Service Pack 1</li><li>Windows Vista Service Pack 2</li><li>Windows Server 2008 Service Pack 2</li></ul></li><li>Microsoft .NET Framework 4 when used with:<ul class=\"sbody-free_list\"><li>Windows 7 Service Pack 1</li><li>Windows Server 2008 R2 Service Pack 1</li><li>Windows Vista Service Pack 2</li><li>Windows Server 2008 Service Pack 2</li><li>Windows XP Service Pack 3</li><li>Windows Server 2003 Service Pack 2</li></ul></li><li>Microsoft .NET Framework 3.5.1 when used with:<ul class=\"sbody-free_list\"><li>Windows 7 Service Pack 1</li><li>Windows Server 2008 R2 Service Pack 1</li></ul></li><li>Microsoft .NET Framework 3.5 when used with:<ul class=\"sbody-free_list\"><li>Windows 8.1</li><li>Windows Server 2012 R2</li><li>Windows 8</li><li>Windows Server 2012</li></ul></li><li>Microsoft .NET Framework 2.0 Service Pack 2 when used with:<ul class=\"sbody-free_list\"><li>Windows Vista Service Pack 2</li><li>Windows Server 2008 Service Pack 2</li><li>Windows XP Service Pack 3</li><li>Windows Server 2003 Service Pack 2</li></ul></li><li>Microsoft .NET Framework 1.1 Service Pack 1 when used with:<ul class=\"sbody-free_list\"><li>Windows Server 2003 Service Pack 2</li></ul></li><li>Microsoft .NET Framework 1.0 Service Pack 3 when used with:<ul class=\"sbody-free_list\"><li>Windows XP Service Pack 3 Tablet PC Edition </li><li>Windows XP Service Pack 3 Media Center Edition</li></ul></li></ul></div></body></html>", "edition": 2, "modified": "2014-02-18T03:19:19", "id": "KB2916607", "href": "https://support.microsoft.com/en-us/help/2916607/", "published": "2014-02-11T00:00:00", "title": "MS14-009: Vulnerabilities in the .NET Framework could allow elevation of privilege: February 11, 2014", "type": "mskb", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2021-04-01T06:15:59", "description": "The remote Windows host is running a version of the Microsoft .NET\nFramework that is affected by multiple vulnerabilities :\n\n - An error exists related to handling stale or closed\n HTTP client connections that can allow denial of service\n attacks. (CVE-2014-0253)\n\n - An error exists related to decisions regarding the\n safety of executing certain methods that can allow\n privilege escalation. (CVE-2014-0257)\n\n - An error exists related to the component 'VSAVB7RT'\n that can allow Address Space Layout Randomization (ASLR)\n bypasses. (CVE-2014-0295)", "edition": 29, "published": "2014-02-12T00:00:00", "title": "MS14-009: Vulnerabilities in .NET Framework Could Allow Privilege Escalation (2916607)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-0257", "CVE-2014-0253", "CVE-2014-0295"], "modified": "2021-04-02T00:00:00", "cpe": ["cpe:/a:microsoft:.net_framework"], "id": "SMB_NT_MS14-009.NASL", "href": "https://www.tenable.com/plugins/nessus/72432", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\ninclude(\"compat.inc\");\n\n\nif (description)\n{\n script_id(72432);\n script_version(\"1.17\");\n script_cvs_date(\"Date: 2018/11/15 20:50:31\");\n\n script_cve_id(\"CVE-2014-0253\", \"CVE-2014-0257\", \"CVE-2014-0295\");\n script_bugtraq_id(65415, 65417, 65418);\n script_xref(name:\"MSFT\", value:\"MS14-009\");\n script_xref(name:\"MSKB\", value:\"2898855\");\n script_xref(name:\"MSKB\", value:\"2898856\");\n script_xref(name:\"MSKB\", value:\"2898857\");\n script_xref(name:\"MSKB\", value:\"2898858\");\n script_xref(name:\"MSKB\", value:\"2898860\");\n script_xref(name:\"MSKB\", value:\"2898864\");\n script_xref(name:\"MSKB\", value:\"2898865\");\n script_xref(name:\"MSKB\", value:\"2898866\");\n script_xref(name:\"MSKB\", value:\"2898868\");\n script_xref(name:\"MSKB\", value:\"2898869\");\n script_xref(name:\"MSKB\", value:\"2898870\");\n script_xref(name:\"MSKB\", value:\"2898871\");\n script_xref(name:\"MSKB\", value:\"2901110\");\n script_xref(name:\"MSKB\", value:\"2901111\");\n script_xref(name:\"MSKB\", value:\"2901112\");\n script_xref(name:\"MSKB\", value:\"2901113\");\n script_xref(name:\"MSKB\", value:\"2901115\");\n script_xref(name:\"MSKB\", value:\"2901118\");\n script_xref(name:\"MSKB\", value:\"2901119\");\n script_xref(name:\"MSKB\", value:\"2901120\");\n script_xref(name:\"MSKB\", value:\"2901125\");\n script_xref(name:\"MSKB\", value:\"2901126\");\n script_xref(name:\"MSKB\", value:\"2901127\");\n script_xref(name:\"MSKB\", value:\"2901128\");\n script_xref(name:\"MSKB\", value:\"2911501\");\n script_xref(name:\"MSKB\", value:\"2911502\");\n\n script_name(english:\"MS14-009: Vulnerabilities in .NET Framework Could Allow Privilege Escalation (2916607)\");\n script_summary(english:\"Checks version of System.Security.dll\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The version of the .NET Framework installed on the remote host is\naffected by multiple vulnerabilities.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The remote Windows host is running a version of the Microsoft .NET\nFramework that is affected by multiple vulnerabilities :\n\n - An error exists related to handling stale or closed\n HTTP client connections that can allow denial of service\n attacks. (CVE-2014-0253)\n\n - An error exists related to decisions regarding the\n safety of executing certain methods that can allow\n privilege escalation. (CVE-2014-0257)\n\n - An error exists related to the component 'VSAVB7RT'\n that can allow Address Space Layout Randomization (ASLR)\n bypasses. (CVE-2014-0295)\"\n );\n script_set_attribute(attribute:\"see_also\", value:\"https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2014/ms14-009\");\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Microsoft has released a set of patches for .NET Framework 1.1 SP1, 2.0\nSP2, 3.5, 3.5.1, 4.0, 4.5, and 4.5.1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'MS14-009 .NET Deployment Service IE Sandbox Escape');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/02/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/02/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/02/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:.net_framework\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\", \"microsoft_net_framework_installed.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"smb_reg_query.inc\");\ninclude(\"install_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = 'MS14-009';\nkbs = make_list(\n \"2898855\",\n \"2898856\",\n \"2898857\",\n \"2898858\",\n \"2898860\",\n \"2898864\",\n \"2898865\",\n \"2898866\",\n \"2898868\",\n \"2898869\",\n \"2898870\",\n \"2898871\",\n \"2901110\",\n \"2901111\",\n \"2901112\",\n \"2901113\",\n \"2901115\",\n \"2901118\",\n \"2901119\",\n \"2901120\",\n \"2901125\",\n \"2901126\",\n \"2901127\",\n \"2901128\",\n# \"2904878\", # Not checked\n # Media Center Edition 2005 Service Pack 3 and Tablet PC Edition 2005 Service Pack 3 only\n \"2911501\",\n \"2911502\"\n);\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(xp:'3', win2003:'2', vista:'2', win7:'1', win8:'0', win81:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nproductname = get_kb_item_or_exit(\"SMB/ProductName\", exit_code:1);\n\nrootfile = hotfix_get_systemroot();\nif (!rootfile) exit(1, \"Failed to get the system root.\");\n\nshare = hotfix_path2share(path:rootfile);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\n# Determine if .NET 4.5 or 4.5.1 is installed\ndotnet_451_installed = FALSE;\ndotnet_45_installed = FALSE;\n\ncount = get_install_count(app_name:'Microsoft .NET Framework');\nif (count > 0)\n{\n installs = get_installs(app_name:'Microsoft .NET Framework');\n foreach install(installs[1])\n {\n ver = install[\"version\"];\n if (ver == \"4.5\") dotnet_45_installed = TRUE;\n if (ver == \"4.5.1\") dotnet_451_installed = TRUE;\n }\n}\nvuln = 0;\n\n########## KB2898855 ###########\n# .NET Framework 4.0 #\n# Windows XP SP3, #\n# Windows XP SP2 x64, #\n# Windows 2003 SP2, #\n# Windows Vista SP2, #\n# Windows 7 SP1, #\n# Windows Server 2008 SP2, #\n# Windows Server 2008 R2 SP1 #\n################################\nmissing = 0;\n# Windows XP SP3\nmissing += hotfix_is_vulnerable(os:\"5.1\", sp:3, file:\"mscorlib.dll\", version:\"4.0.30319.1022\", min_version:\"4.0.30319.0\", dir:\"\\Microsoft.NET\\Framework\\v4.0.30319\");\nmissing += hotfix_is_vulnerable(os:\"5.1\", sp:3, file:\"mscorlib.dll\", version:\"4.0.30319.2034\", min_version:\"4.0.30319.1200\", dir:\"\\Microsoft.NET\\Framework\\v4.0.30319\");\n# Windows XP SP2 x64 / Server 2003 SP2\nmissing += hotfix_is_vulnerable(os:\"5.2\", sp:2, file:\"mscorlib.dll\", version:\"4.0.30319.1022\", min_version:\"4.0.30319.0\", dir:\"\\Microsoft.NET\\Framework\\v4.0.30319\");\nmissing += hotfix_is_vulnerable(os:\"5.2\", sp:2, file:\"mscorlib.dll\", version:\"4.0.30319.2034\", min_version:\"4.0.30319.1200\", dir:\"\\Microsoft.NET\\Framework\\v4.0.30319\");\n# Windows Vista SP2 / Server 2008 SP2\nmissing += hotfix_is_vulnerable(os:\"6.0\", sp:2, file:\"mscorlib.dll\", version:\"4.0.30319.1022\", min_version:\"4.0.30319.0\", dir:\"\\Microsoft.NET\\Framework\\v4.0.30319\");\nmissing += hotfix_is_vulnerable(os:\"6.0\", sp:2, file:\"mscorlib.dll\", version:\"4.0.30319.2034\", min_version:\"4.0.30319.1200\", dir:\"\\Microsoft.NET\\Framework\\v4.0.30319\");\n# Windows 7 SP1 / 2008 R2 SP1\nmissing += hotfix_is_vulnerable(os:\"6.1\", sp:1, file:\"mscorlib.dll\", version:\"4.0.30319.1022\", min_version:\"4.0.30319.0\", dir:\"\\Microsoft.NET\\Framework\\v4.0.30319\");\nmissing += hotfix_is_vulnerable(os:\"6.1\", sp:1, file:\"mscorlib.dll\", version:\"4.0.30319.2034\", min_version:\"4.0.30319.1200\", dir:\"\\Microsoft.NET\\Framework\\v4.0.30319\");\n\nif (missing > 0) hotfix_add_report(bulletin:bulletin, kb:\"2898855\");\nvuln += missing;\n\n######### KB2898856 ############\n# .NET Framework 2.0 SP2 #\n# Windows XP SP 3, #\n# Server 2003 SP2 #\n###############################\nmissing = 0;\nmissing += hotfix_is_vulnerable(os:\"5.1\", sp:3, file:\"mscorlib.dll\", version:\"2.0.50727.7041\", min_version:\"2.0.50727.5000\", dir:\"\\Microsoft.NET\\Framework\\v2.0.50727\");\nmissing += hotfix_is_vulnerable(os:\"5.1\", sp:3, file:\"mscorlib.dll\", version:\"2.0.50727.3655\", min_version:\"2.0.50727.3000\", dir:\"\\Microsoft.NET\\Framework\\v2.0.50727\");\nmissing += hotfix_is_vulnerable(os:\"5.2\", sp:2, file:\"mscorlib.dll\", version:\"2.0.50727.7041\", min_version:\"2.0.50727.5000\", dir:\"\\Microsoft.NET\\Framework\\v2.0.50727\");\nmissing += hotfix_is_vulnerable(os:\"5.2\", sp:2, file:\"mscorlib.dll\", version:\"2.0.50727.3655\", min_version:\"2.0.50727.3000\", dir:\"\\Microsoft.NET\\Framework\\v2.0.50727\");\n\nif (missing > 0) hotfix_add_report(bulletin:bulletin, kb:\"2898856\");\nvuln += missing;\n\n########## KB2898857 ############\n# .NET Framework 3.5.1 #\n# Windows 7 SP1, #\n# Server 2008 R2 SP1 #\n################################\nmissing = 0;\nmissing += hotfix_is_vulnerable(os:\"6.1\", sp:1, file:\"mscorlib.dll\", version:\"2.0.50727.7041\", min_version:\"2.0.50727.5600\", dir:\"\\Microsoft.NET\\Framework\\v2.0.50727\");\nmissing += hotfix_is_vulnerable(os:\"6.1\", sp:1, file:\"mscorlib.dll\", version:\"2.0.50727.5477\", min_version:\"2.0.50727.4000\", dir:\"\\Microsoft.NET\\Framework\\v2.0.50727\");\n\nif (missing > 0) hotfix_add_report(bulletin:bulletin, kb:\"2898857\");\nvuln += missing;\n\n########## KB2898858 ############\n# .NET Framework 2.0 SP2 #\n# Windows Vista SP2, #\n# Server 2008 SP2 #\n################################\nmissing = 0;\nmissing += hotfix_is_vulnerable(os:\"6.0\", sp:2, file:\"mscorlib.dll\", version:\"2.0.50727.7041\", min_version:\"2.0.50727.5000\", dir:\"\\Microsoft.NET\\Framework\\v2.0.50727\");\nmissing += hotfix_is_vulnerable(os:\"6.0\", sp:2, file:\"mscorlib.dll\", version:\"2.0.50727.4247\", min_version:\"2.0.50727.4000\", dir:\"\\Microsoft.NET\\Framework\\v2.0.50727\");\n\nif (missing > 0) hotfix_add_report(bulletin:bulletin, kb:\"2898858\");\nvuln += missing;\n\n########### KB2898860 ###########\n# .NET Framework 1.1 SP1 #\n# Server 2003 SP2 32-bit #\n################################\nmissing = 0;\nmissing += hotfix_is_vulnerable(os:\"5.2\", arch:\"x86\", sp:2, file:\"mscorlib.dll\", version:\"1.1.4322.2504\", min_version:\"1.1.4322.2000\", dir:\"\\Microsoft.NET\\Framework\\v1.1.4322\");\n\nif (missing > 0) hotfix_add_report(bulletin:bulletin, kb:\"2898860\");\nvuln += missing;\n\n########### KB2898864 ###########\n# .NET Framework 4.5 #\n# Windows Vista SP2, #\n# Server 2008 SP2 #\n# Windows 7 SP1, #\n# Server 2008 R2 SP1 #\n################################\nmissing = 0;\nif (dotnet_45_installed)\n{\n # Vista SP2 / 2008 SP2\n missing += hotfix_is_vulnerable(os:\"6.0\", sp:2, file:\"mscorlib.dll\", version:\"4.0.30319.18063\", min_version:\"4.0.30319.18000\", dir:\"\\Microsoft.NET\\Framework\\v4.0.30319\");\n missing += hotfix_is_vulnerable(os:\"6.0\", sp:2, file:\"mscorlib.dll\", version:\"4.0.30319.19132\", min_version:\"4.0.30319.19000\", dir:\"\\Microsoft.NET\\Framework\\v4.0.30319\");\n # 7 / 2008 R2 SP1\n missing += hotfix_is_vulnerable(os:\"6.1\", sp:1, file:\"mscorlib.dll\", version:\"4.0.30319.18063\", min_version:\"4.0.30319.18000\", dir:\"\\Microsoft.NET\\Framework\\v4.0.30319\");\n missing += hotfix_is_vulnerable(os:\"6.1\", sp:1, file:\"mscorlib.dll\", version:\"4.0.30319.19132\", min_version:\"4.0.30319.19000\", dir:\"\\Microsoft.NET\\Framework\\v4.0.30319\");\n}\n\nif (missing > 0) hotfix_add_report(bulletin:bulletin, kb:\"2898864\");\nvuln += missing;\n\n########## KB2898865 ############\n# .NET Framework 4.5 #\n# Windows 8, #\n# Server 2012 #\n################################\nmissing = 0;\nif (dotnet_45_installed)\n{\n missing += hotfix_is_vulnerable(os:\"6.2\", sp:0, file:\"mscorlib.dll\", version:\"4.0.30319.18449\", min_version:\"4.0.30319.18400\", dir:\"\\Microsoft.NET\\Framework\\v4.0.30319\");\n missing += hotfix_is_vulnerable(os:\"6.2\", sp:0, file:\"mscorlib.dll\", version:\"4.0.30319.19455\", min_version:\"4.0.30319.19400\", dir:\"\\Microsoft.NET\\Framework\\v4.0.30319\");\n}\n\nif (missing > 0) hotfix_add_report(bulletin:bulletin, kb:\"2898865\");\nvuln += missing;\n\n########## KB2898866 ############\n# .NET Framework 3.5 #\n# Windows 8, #\n# Server 2012 #\n################################\nmissing = 0;\nmissing += hotfix_is_vulnerable(os:\"6.2\", sp:0, file:\"mscorlib.dll\", version:\"2.0.50727.6413\", min_version:\"2.0.50727.5000\", dir:\"\\Microsoft.NET\\Framework\\v2.0.50727\");\nmissing += hotfix_is_vulnerable(os:\"6.2\", sp:0, file:\"mscorlib.dll\", version:\"2.0.50727.7041\", min_version:\"2.0.50727.7000\", dir:\"\\Microsoft.NET\\Framework\\v2.0.50727\");\n\nif (missing > 0) hotfix_add_report(bulletin:bulletin, kb:\"2898866\");\nvuln += missing;\n\n########## KB2898868 ############\n# .NET Framework 3.5 #\n# Windows 8.1, #\n# Server 2012 R2 #\n################################\nmissing = 0;\nmissing += hotfix_is_vulnerable(os:\"6.3\", sp:0, file:\"mscorlib.dll\", version:\"2.0.50727.8000\", min_version:\"2.0.50727.5000\", dir:\"\\Microsoft.NET\\Framework\\v2.0.50727\");\n\nif (missing > 0) hotfix_add_report(bulletin:bulletin, kb:\"2898868\");\nvuln += missing;\n\n########## KB2898869 ############\n# .NET Framework 4.5.1 #\n# Windows Vista SP2, #\n# Server 2008 SP2 #\n# Windows 7 SP1, #\n# Server 2008 R2 SP1 #\n################################\nmissing = 0;\nif (dotnet_451_installed)\n{\n # Vista SP2 / 2008 SP2\n missing += hotfix_is_vulnerable(os:\"6.0\", sp:2, file:\"mscorlib.dll\", version:\"4.0.30319.18444\", min_version:\"4.0.30319.18400\", dir:\"\\Microsoft.NET\\Framework\\v4.0.30319\");\n # 7 / 2008 R2 SP1\n missing += hotfix_is_vulnerable(os:\"6.1\", sp:1, file:\"mscorlib.dll\", version:\"4.0.30319.18444\", min_version:\"4.0.30319.18400\", dir:\"\\Microsoft.NET\\Framework\\v4.0.30319\");\n}\n\nif (missing > 0) hotfix_add_report(bulletin:bulletin, kb:\"2898869\");\nvuln += missing;\n\n########## KB2898870 ############\n# .NET Framework 4.5.1 #\n# Windows 8, #\n# Server 2012 #\n################################\nmissing = 0;\nif (dotnet_451_installed)\n{\n missing += hotfix_is_vulnerable(os:\"6.2\", sp:0, file:\"mscorlib.dll\", version:\"4.0.30319.18449\", min_version:\"4.0.30319.18400\", dir:\"\\Microsoft.NET\\Framework\\v4.0.30319\");\n missing += hotfix_is_vulnerable(os:\"6.2\", sp:0, file:\"mscorlib.dll\", version:\"4.0.30319.19455\", min_version:\"4.0.30319.19400\", dir:\"\\Microsoft.NET\\Framework\\v4.0.30319\");\n}\n\nif (missing > 0) hotfix_add_report(bulletin:bulletin, kb:\"2898870\");\nvuln += missing;\n\n########## KB2898871 ############\n# .NET Framework 4.5.1 #\n# Windows 8.1, #\n# Server 2012 R2 #\n################################\nmissing = 0;\nif (dotnet_451_installed)\n{\n missing += hotfix_is_vulnerable(os:\"6.3\", sp:0, file:\"mscorlib.dll\", version:\"4.0.30319.34011\", min_version:\"4.0.30319.34000\", dir:\"\\Microsoft.NET\\Framework\\v4.0.30319\");\n missing += hotfix_is_vulnerable(os:\"6.3\", sp:0, file:\"mscorlib.dll\", version:\"4.0.30319.36013\", min_version:\"4.0.30319.36000\", dir:\"\\Microsoft.NET\\Framework\\v4.0.30319\");\n}\n\nif (missing > 0) hotfix_add_report(bulletin:bulletin, kb:\"2898871\");\nvuln += missing;\n\n########## KB2901110 ############\n# .NET Framework 4.0 #\n# Windows XP SP3, #\n# Windows XP SP2 x64, #\n# Windows 2003 SP2, #\n# Windows Vista SP2, #\n# Windows 7 SP1, #\n# Windows Server 2008 SP2, #\n# Windows Server 2008 R2 SP1 #\n################################\nmissing = 0;\n# Windows XP SP3\nmissing += hotfix_is_vulnerable(os:\"5.1\", sp:3, file:\"System.Web.dll\", version:\"4.0.30319.1022\", min_version:\"4.0.30319.0\", dir:\"\\Microsoft.NET\\Framework\\v4.0.30319\");\nmissing += hotfix_is_vulnerable(os:\"5.1\", sp:3, file:\"System.Web.dll\", version:\"4.0.30319.2034\", min_version:\"4.0.30319.1200\", dir:\"\\Microsoft.NET\\Framework\\v4.0.30319\");\n# Windows XP SP2 x64 / Server 2003 SP2\nmissing += hotfix_is_vulnerable(os:\"5.2\", sp:2, file:\"System.Web.dll\", version:\"4.0.30319.1022\", min_version:\"4.0.30319.0\", dir:\"\\Microsoft.NET\\Framework\\v4.0.30319\");\nmissing += hotfix_is_vulnerable(os:\"5.2\", sp:2, file:\"System.Web.dll\", version:\"4.0.30319.2034\", min_version:\"4.0.30319.1200\", dir:\"\\Microsoft.NET\\Framework\\v4.0.30319\");\n# Windows Vista SP2 / Server 2008 SP2\nmissing += hotfix_is_vulnerable(os:\"6.0\", sp:2, file:\"System.Web.dll\", version:\"4.0.30319.1022\", min_version:\"4.0.30319.0\", dir:\"\\Microsoft.NET\\Framework\\v4.0.30319\");\nmissing += hotfix_is_vulnerable(os:\"6.0\", sp:2, file:\"System.Web.dll\", version:\"4.0.30319.2034\", min_version:\"4.0.30319.1200\", dir:\"\\Microsoft.NET\\Framework\\v4.0.30319\");\n# Windows 7 SP1 / 2008 R2 SP1\nmissing += hotfix_is_vulnerable(os:\"6.1\", sp:1, file:\"System.Web.dll\", version:\"4.0.30319.1022\", min_version:\"4.0.30319.0\", dir:\"\\Microsoft.NET\\Framework\\v4.0.30319\");\nmissing += hotfix_is_vulnerable(os:\"6.1\", sp:1, file:\"System.Web.dll\", version:\"4.0.30319.2034\", min_version:\"4.0.30319.1200\", dir:\"\\Microsoft.NET\\Framework\\v4.0.30319\");\n\nif (missing > 0) hotfix_add_report(bulletin:bulletin, kb:\"2901110\");\nvuln += missing;\n\n########## KB2901111 ############\n# .NET Framework 2.0 SP2 #\n# Windows XP SP 3, #\n# Server 2003 SP2 #\n################################\nmissing = 0;\nmissing += hotfix_is_vulnerable(os:\"5.1\", sp:3, file:\"System.Web.dll\", version:\"2.0.50727.7046\", min_version:\"2.0.50727.5000\", dir:\"\\Microsoft.NET\\Framework\\v2.0.50727\");\nmissing += hotfix_is_vulnerable(os:\"5.1\", sp:3, file:\"System.Web.dll\", version:\"2.0.50727.3658\", min_version:\"2.0.50727.3000\", dir:\"\\Microsoft.NET\\Framework\\v2.0.50727\");\nmissing += hotfix_is_vulnerable(os:\"5.2\", sp:2, file:\"System.Web.dll\", version:\"2.0.50727.7046\", min_version:\"2.0.50727.5000\", dir:\"\\Microsoft.NET\\Framework\\v2.0.50727\");\nmissing += hotfix_is_vulnerable(os:\"5.2\", sp:2, file:\"System.Web.dll\", version:\"2.0.50727.3658\", min_version:\"2.0.50727.3000\", dir:\"\\Microsoft.NET\\Framework\\v2.0.50727\");\n\nif (missing > 0) hotfix_add_report(bulletin:bulletin, kb:\"2901111\");\nvuln += missing;\n\n########## KB2901112 ############\n# .NET Framework 3.5.1 #\n# Windows 7 SP1, #\n# Server 2008 R2 SP1 #\n################################\nmissing = 0;\nmissing += hotfix_is_vulnerable(os:\"6.1\", sp:1, file:\"System.Web.dll\", version:\"2.0.50727.5479\", min_version:\"2.0.50727.5000\", dir:\"\\Microsoft.NET\\Framework\\v2.0.50727\");\nmissing += hotfix_is_vulnerable(os:\"6.1\", sp:1, file:\"System.Web.dll\", version:\"2.0.50727.7045\", min_version:\"2.0.50727.7000\", dir:\"\\Microsoft.NET\\Framework\\v2.0.50727\");\n\nif (missing > 0) hotfix_add_report(bulletin:bulletin, kb:\"2901112\");\nvuln += missing;\n\n########## KB2901113 ############\n# .NET Framework 2.0 SP2 #\n# Windows Vista SP2, #\n# Server 2008 SP2 #\n################################\nmissing = 0;\nmissing += hotfix_is_vulnerable(os:\"6.0\", sp:2, file:\"System.Web.dll\", version:\"2.0.50727.7045\", min_version:\"2.0.50727.5000\", dir:\"\\Microsoft.NET\\Framework\\v2.0.50727\");\nmissing += hotfix_is_vulnerable(os:\"6.0\", sp:2, file:\"System.Web.dll\", version:\"2.0.50727.4248\", min_version:\"2.0.50727.4000\", dir:\"\\Microsoft.NET\\Framework\\v2.0.50727\");\n\nif (missing > 0) hotfix_add_report(bulletin:bulletin, kb:\"2901113\");\nvuln += missing;\n\n########## KB2901115 ############\n# .NET Framework 1.1 SP1 #\n# Server 2003 SP2 32-bit #\n################################\nmissing = 0;\nmissing += hotfix_is_vulnerable(os:\"5.2\", arch:\"x86\", sp:2, file:\"System.Web.dll\", version:\"1.1.4322.2505\", min_version:\"1.1.4322.2200\", dir:\"\\Microsoft.NET\\Framework\\v1.1.4322\");\n\nif (missing > 0) hotfix_add_report(bulletin:bulletin, kb:\"2901115\");\nvuln += missing;\n\n########## KB2901118 ############\n# .NET Framework 4.5 #\n# Windows Vista SP2, #\n# Server 2008 SP2 #\n# Windows 7 SP1, #\n# Server 2008 R2 SP1 #\n################################\nmissing = 0;\nif (dotnet_45_installed)\n{\n # Vista SP2 / 2008 SP2\n missing += hotfix_is_vulnerable(os:\"6.0\", sp:2, file:\"System.Web.dll\", version:\"4.0.30319.18067\", min_version:\"4.0.30319.18000\", dir:\"\\Microsoft.NET\\Framework\\v4.0.30319\");\n missing += hotfix_is_vulnerable(os:\"6.0\", sp:2, file:\"System.Web.dll\", version:\"4.0.30319.19136\", min_version:\"4.0.30319.19000\", dir:\"\\Microsoft.NET\\Framework\\v4.0.30319\");\n # 7 / 2008 R2 SP1\n missing += hotfix_is_vulnerable(os:\"6.1\", sp:1, file:\"System.Web.dll\", version:\"4.0.30319.18067\", min_version:\"4.0.30319.18000\", dir:\"\\Microsoft.NET\\Framework\\v4.0.30319\");\n missing += hotfix_is_vulnerable(os:\"6.1\", sp:1, file:\"System.Web.dll\", version:\"4.0.30319.19136\", min_version:\"4.0.30319.19000\", dir:\"\\Microsoft.NET\\Framework\\v4.0.30319\");\n}\n\nif (missing > 0) hotfix_add_report(bulletin:bulletin, kb:\"2901118\");\nvuln += missing;\n\n########## KB2901119 ############\n# .NET Framework 4.5 #\n# Windows 8, #\n# Server 2012 #\n################################\nmissing = 0;\nif (dotnet_45_installed)\n{\n missing += hotfix_is_vulnerable(os:\"6.2\", sp:0, file:\"System.Web.dll\", version:\"4.0.30319.18449\", min_version:\"4.0.30319.18400\", dir:\"\\Microsoft.NET\\Framework\\v4.0.30319\");\n missing += hotfix_is_vulnerable(os:\"6.2\", sp:0, file:\"System.Web.dll\", version:\"4.0.30319.19455\", min_version:\"4.0.30319.19400\", dir:\"\\Microsoft.NET\\Framework\\v4.0.30319\");\n}\n\nif (missing > 0) hotfix_add_report(bulletin:bulletin, kb:\"2901119\");\nvuln += missing;\n\n########## KB2901120 ############\n# .NET Framework 3.5 #\n# Windows 8, #\n# Server 2012 #\n################################\nmissing = 0;\nmissing += hotfix_is_vulnerable(os:\"6.2\", sp:0, file:\"System.Web.dll\", version:\"2.0.50727.6414\", min_version:\"2.0.50727.6000\", dir:\"\\Microsoft.NET\\Framework\\v2.0.50727\");\nmissing += hotfix_is_vulnerable(os:\"6.2\", sp:0, file:\"System.Web.dll\", version:\"2.0.50727.7045\", min_version:\"2.0.50727.7000\", dir:\"\\Microsoft.NET\\Framework\\v2.0.50727\");\n\nif (missing > 0) hotfix_add_report(bulletin:bulletin, kb:\"2901120\");\nvuln += missing;\n\n########## KB2901125 ############\n# .NET Framework 3.5 #\n# Windows 8.1, #\n# Server 2012 R2 #\n################################\nmissing = 0;\nmissing += hotfix_is_vulnerable(os:\"6.3\", sp:0, file:\"System.Web.dll\", version:\"2.0.50727.8001\", min_version:\"2.0.50727.7000\", dir:\"\\Microsoft.NET\\Framework\\v2.0.50727\");\n\nif (missing > 0) hotfix_add_report(bulletin:bulletin, kb:\"2901125\");\nvuln += missing;\n\n########## KB2901126 ############\n# .NET Framework 4.5.1 #\n# Windows Vista SP2, #\n# Server 2008 SP2 #\n# Windows 7 SP1, #\n# Server 2008 R2 SP1 #\n################################\nmissing = 0;\nif (dotnet_451_installed)\n{\n # Vista SP2 / 2008 SP2\n missing += hotfix_is_vulnerable(os:\"6.0\", sp:2, file:\"System.Web.dll\", version:\"4.0.30319.18446\", min_version:\"4.0.30319.18400\", dir:\"\\Microsoft.NET\\Framework\\v4.0.30319\");\n # 7 / 2008 R2 SP1\n missing += hotfix_is_vulnerable(os:\"6.1\", sp:1, file:\"System.Web.dll\", version:\"4.0.30319.18446\", min_version:\"4.0.30319.18400\", dir:\"\\Microsoft.NET\\Framework\\v4.0.30319\");\n}\n\nif (missing > 0) hotfix_add_report(bulletin:bulletin, kb:\"2901126\");\nvuln += missing;\n\n########## KB2901127 ############\n# .NET Framework 4.5.1 #\n# Windows 8, #\n# Server 2012 #\n################################\nmissing = 0;\nif (dotnet_451_installed)\n{\n missing += hotfix_is_vulnerable(os:\"6.2\", sp:0, file:\"System.Web.dll\", version:\"4.0.30319.18447\", min_version:\"4.0.30319.18400\", dir:\"\\Microsoft.NET\\Framework\\v4.0.30319\");\n missing += hotfix_is_vulnerable(os:\"6.2\", sp:0, file:\"System.Web.dll\", version:\"4.0.30319.19453\", min_version:\"4.0.30319.19400\", dir:\"\\Microsoft.NET\\Framework\\v4.0.30319\");\n}\n\nif (missing > 0) hotfix_add_report(bulletin:bulletin, kb:\"2901127\");\nvuln += missing;\n\n########## KB2901128 ############\n# .NET Framework 4.5.1 #\n# Windows 8.1, #\n# Server 2012 R2 #\n################################\nmissing = 0;\nif (dotnet_451_installed)\n{\n missing += hotfix_is_vulnerable(os:\"6.3\", sp:0, file:\"System.Web.dll\", version:\"4.0.30319.34009\", min_version:\"4.0.30319.32009\", dir:\"\\Microsoft.NET\\Framework\\v4.0.30319\");\n}\n\nif (missing > 0) hotfix_add_report(bulletin:bulletin, kb:\"2901128\");\nvuln += missing;\n\n########## KB2911501 ############\n# .NET Framework 3.5.1 #\n# Windows 7 SP1, #\n# Server 2008 R2 SP1 #\n################################\nmissing = 0;\nmissing += hotfix_is_vulnerable(os:\"6.1\", sp:1, file:\"microsoft.vsa.vb.codedomprocessor.dll\", version:\"8.0.50727.5481\", min_version:\"8.0.50727.5000\", dir:\"\\Microsoft.NET\\Framework\\v2.0.50727\");\nmissing += hotfix_is_vulnerable(os:\"6.1\", sp:1, file:\"microsoft.vsa.vb.codedomprocessor.dll\", version:\"8.0.50727.7051\", min_version:\"8.0.50727.7000\", dir:\"\\Microsoft.NET\\Framework\\v2.0.50727\");\n\nif (missing > 0) hotfix_add_report(bulletin:bulletin, kb:\"2911501\");\nvuln += missing;\n\n########## KB2911502 ############\n# .NET Framework 2.0 SP2 #\n# Windows Vista SP2, #\n# Server 2008 SP2 #\n################################\nmissing = 0;\nmissing += hotfix_is_vulnerable(os:\"6.0\", sp:2, file:\"microsoft.vsa.vb.codedomprocessor.dll\", version:\"8.0.50727.4250\", min_version:\"8.0.50727.4000\", dir:\"\\Microsoft.NET\\Framework\\v2.0.50727\");\nmissing += hotfix_is_vulnerable(os:\"6.0\", sp:2, file:\"microsoft.vsa.vb.codedomprocessor.dll\", version:\"8.0.50727.7051\", min_version:\"8.0.50727.6000\", dir:\"\\Microsoft.NET\\Framework\\v2.0.50727\");\n\nif (missing > 0) hotfix_add_report(bulletin:bulletin, kb:\"2911502\");\nvuln += missing;\n\nif(vuln > 0)\n{\n set_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, \"affected\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "securityvulns": [{"lastseen": "2018-08-31T11:09:54", "bulletinFamily": "software", "cvelist": ["CVE-2014-0257", "CVE-2014-0254", "CVE-2014-0266", "CVE-2014-0253", "CVE-2014-0295", "CVE-2014-0271", "CVE-2014-0263"], "description": "XML services information leakage, IPv6 DoS, Direct2D memory corruption, .Net privilege escalation, VBScript code execution.", "edition": 1, "modified": "2014-02-11T00:00:00", "published": "2014-02-11T00:00:00", "id": "SECURITYVULNS:VULN:13567", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:13567", "title": "Microsoft Windows multiple security vulnerabilities", "type": "securityvulns", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "kaspersky": [{"lastseen": "2020-09-02T11:44:27", "bulletinFamily": "info", "cvelist": ["CVE-2014-4062", "CVE-2014-4073", "CVE-2014-0257", "CVE-2014-4122", "CVE-2014-4121", "CVE-2014-0253", "CVE-2014-0295", "CVE-2014-1806", "CVE-2014-4149", "CVE-2014-4072"], "description": "### *Detect date*:\n11/11/2014\n\n### *Severity*:\nHigh\n\n### *Description*:\nMultiple serious vulnerabilities have been found in Microsoft .NET Framework. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions fain privileges, execute arbitrary code or obtain sensitive information.\n\n### *Affected products*:\nMicrosoft .NET Framework version 1.0 Service Pack 3 \nMicrosoft .NET Framework version 1.1 Service Pack 1 \nMicrosoft .NET Framework version 2.0 Service Pack 2 \nMicrosoft .NET Framework versions 3.5, 3.5.1, 4, 4.5, 4.5.1\n\n### *Solution*:\nInstall necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)\n\n### *Original advisories*:\n[CVE-2014-4072](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2014-4072>) \n[CVE-2014-0257](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2014-0257>) \n[CVE-2014-0253](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2014-0253>) \n[CVE-2014-0295](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2014-0295>) \n[CVE-2014-4149](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2014-4149>) \n[CVE-2014-4122](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2014-4122>) \n[CVE-2014-4121](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2014-4121>) \n[CVE-2014-4062](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2014-4062>) \n[CVE-2014-4073](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2014-4073>) \n[CVE-2014-1806](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2014-1806>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Microsoft .NET Framework](<https://threats.kaspersky.com/en/product/Microsoft-.NET-Framework/>)\n\n### *CVE-IDS*:\n[CVE-2014-4072](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4072>)5.0Critical \n[CVE-2014-0257](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0257>)9.3Critical \n[CVE-2014-0253](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0253>)5.0Critical \n[CVE-2014-0295](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0295>)4.3Warning \n[CVE-2014-4149](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4149>)9.3Critical \n[CVE-2014-4122](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4122>)4.3Warning \n[CVE-2014-4121](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4121>)10.0Critical \n[CVE-2014-4062](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4062>)4.3Warning \n[CVE-2014-4073](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4073>)10.0Critical \n[CVE-2014-1806](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1806>)10.0Critical\n\n### *Microsoft official advisories*:\n\n\n### *KB list*:\n[2972098](<http://support.microsoft.com/kb/2972098>) \n[2898855](<http://support.microsoft.com/kb/2898855>) \n[2898856](<http://support.microsoft.com/kb/2898856>) \n[2898857](<http://support.microsoft.com/kb/2898857>) \n[2898858](<http://support.microsoft.com/kb/2898858>) \n[2979578](<http://support.microsoft.com/kb/2979578>) \n[2979575](<http://support.microsoft.com/kb/2979575>) \n[2979574](<http://support.microsoft.com/kb/2979574>) \n[2979577](<http://support.microsoft.com/kb/2979577>) \n[2979576](<http://support.microsoft.com/kb/2979576>) \n[2979571](<http://support.microsoft.com/kb/2979571>) \n[2979570](<http://support.microsoft.com/kb/2979570>) \n[2979573](<http://support.microsoft.com/kb/2979573>) \n[2931365](<http://support.microsoft.com/kb/2931365>) \n[2931366](<http://support.microsoft.com/kb/2931366>) \n[2931367](<http://support.microsoft.com/kb/2931367>) \n[2931368](<http://support.microsoft.com/kb/2931368>) \n[2984625](<http://support.microsoft.com/kb/2984625>) \n[2979568](<http://support.microsoft.com/kb/2979568>) \n[2904878](<http://support.microsoft.com/kb/2904878>) \n[2943344](<http://support.microsoft.com/kb/2943344>) \n[2943357](<http://support.microsoft.com/kb/2943357>) \n[3000414](<http://support.microsoft.com/kb/3000414>) \n[2972105](<http://support.microsoft.com/kb/2972105>) \n[2972107](<http://support.microsoft.com/kb/2972107>) \n[2972106](<http://support.microsoft.com/kb/2972106>) \n[2972101](<http://support.microsoft.com/kb/2972101>) \n[2972100](<http://support.microsoft.com/kb/2972100>) \n[2972103](<http://support.microsoft.com/kb/2972103>) \n[2973113](<http://support.microsoft.com/kb/2973113>) \n[2973112](<http://support.microsoft.com/kb/2973112>) \n[2973115](<http://support.microsoft.com/kb/2973115>) \n[2973114](<http://support.microsoft.com/kb/2973114>) \n[2978121](<http://support.microsoft.com/kb/2978121>) \n[2978120](<http://support.microsoft.com/kb/2978120>) \n[2978122](<http://support.microsoft.com/kb/2978122>) \n[2932079](<http://support.microsoft.com/kb/2932079>) \n[2978124](<http://support.microsoft.com/kb/2978124>) \n[2978127](<http://support.microsoft.com/kb/2978127>) \n[2978126](<http://support.microsoft.com/kb/2978126>) \n[2978128](<http://support.microsoft.com/kb/2978128>) \n[2990931](<http://support.microsoft.com/kb/2990931>) \n[2972215](<http://support.microsoft.com/kb/2972215>) \n[2972214](<http://support.microsoft.com/kb/2972214>) \n[2972216](<http://support.microsoft.com/kb/2972216>) \n[2972211](<http://support.microsoft.com/kb/2972211>) \n[2972213](<http://support.microsoft.com/kb/2972213>) \n[2972212](<http://support.microsoft.com/kb/2972212>) \n[2974268](<http://support.microsoft.com/kb/2974268>) \n[2974269](<http://support.microsoft.com/kb/2974269>) \n[2958732](<http://support.microsoft.com/kb/2958732>) \n[2901128](<http://support.microsoft.com/kb/2901128>) \n[2901125](<http://support.microsoft.com/kb/2901125>) \n[2901127](<http://support.microsoft.com/kb/2901127>) \n[2901126](<http://support.microsoft.com/kb/2901126>) \n[2901120](<http://support.microsoft.com/kb/2901120>) \n[3005210](<http://support.microsoft.com/kb/3005210>) \n[2931356](<http://support.microsoft.com/kb/2931356>) \n[2972207](<http://support.microsoft.com/kb/2972207>) \n[2916607](<http://support.microsoft.com/kb/2916607>) \n[2968296](<http://support.microsoft.com/kb/2968296>) \n[2898868](<http://support.microsoft.com/kb/2898868>) \n[2968294](<http://support.microsoft.com/kb/2968294>) \n[2968295](<http://support.microsoft.com/kb/2968295>) \n[2968292](<http://support.microsoft.com/kb/2968292>) \n[2977766](<http://support.microsoft.com/kb/2977766>) \n[2898860](<http://support.microsoft.com/kb/2898860>) \n[2977765](<http://support.microsoft.com/kb/2977765>) \n[2898865](<http://support.microsoft.com/kb/2898865>) \n[2898864](<http://support.microsoft.com/kb/2898864>) \n[2898866](<http://support.microsoft.com/kb/2898866>) \n[2931358](<http://support.microsoft.com/kb/2931358>) \n[2911502](<http://support.microsoft.com/kb/2911502>) \n[2931354](<http://support.microsoft.com/kb/2931354>) \n[2931357](<http://support.microsoft.com/kb/2931357>) \n[2911501](<http://support.microsoft.com/kb/2911501>) \n[2931352](<http://support.microsoft.com/kb/2931352>) \n[2898869](<http://support.microsoft.com/kb/2898869>) \n[2898870](<http://support.microsoft.com/kb/2898870>) \n[2898871](<http://support.microsoft.com/kb/2898871>) \n[2978114](<http://support.microsoft.com/kb/2978114>) \n[2978116](<http://support.microsoft.com/kb/2978116>) \n[2937608](<http://support.microsoft.com/kb/2937608>) \n[2978125](<http://support.microsoft.com/kb/2978125>) \n[2966828](<http://support.microsoft.com/kb/2966828>) \n[2966827](<http://support.microsoft.com/kb/2966827>) \n[2966826](<http://support.microsoft.com/kb/2966826>) \n[2966825](<http://support.microsoft.com/kb/2966825>) \n[2978042](<http://support.microsoft.com/kb/2978042>) \n[2901115](<http://support.microsoft.com/kb/2901115>) \n[2978041](<http://support.microsoft.com/kb/2978041>) \n[2901110](<http://support.microsoft.com/kb/2901110>) \n[2901111](<http://support.microsoft.com/kb/2901111>) \n[2901112](<http://support.microsoft.com/kb/2901112>) \n[2901113](<http://support.microsoft.com/kb/2901113>) \n[2901118](<http://support.microsoft.com/kb/2901118>) \n[2901119](<http://support.microsoft.com/kb/2901119>) \n[2937610](<http://support.microsoft.com/kb/2937610>)\n\n### *Exploitation*:\nThe following public exploits exists for this vulnerability:", "edition": 41, "modified": "2020-06-18T00:00:00", "published": "2014-11-11T00:00:00", "id": "KLA10603", "href": "https://threats.kaspersky.com/en/vulnerability/KLA10603", "title": "\r KLA10603Multiple vulnerabilities in Microsoft .NET Framework ", "type": "kaspersky", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}]}
