Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
mskbMicrosoftKB2916607
HistoryFeb 11, 2014 - 12:00 a.m.

MS14-009: Vulnerabilities in the .NET Framework could allow elevation of privilege: February 11, 2014

2014-02-1100:00:00
Microsoft
support.microsoft.com
49

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

JSON

<html><body><p>Resolves vulnerabilities that could allow elevation of privilege if a user visits a specially crafted website or a website that contains specially crafted web content.</p><h2></h2><div><br /><a href=“#appliestoproducts” target>View products that this article applies to.</a><span></span></div><h2>Introduction</h2><div>This update resolves vulnerabilities that could allow elevation of privilege if a user visits a specially crafted website or a website that contains specially crafted web content.</div><h2>Summary</h2><div>Microsoft has released security bulletin MS14-009. Learn more about how to obtain the fixes that are included in this security bulletin:<ul><li>For individual, small business, and organizational users, use the Windows automatic updating feature to install the fixes from Microsoft Update. To do this, see <a href=“http://www.microsoft.com/security/pc-security/updates.aspx” target=“_self”>Get security updates automatically</a> on the Microsoft Safety and Security Center website.<br /></li><li>For IT professionals, see <a href=“http://technet.microsoft.com/security/bulletin/ms14-009” target=“_self”>Microsoft Security Bulletin MS14-009</a> on the Security TechCenter website.</li></ul></div><h2></h2><div><h3>How to obtain help and support for this security update</h3>Help installing updates: <a href=“https://support.microsoft.com/ph/6527” target=“_self”>Support for Microsoft Update</a><br /><br />Security solutions for IT professionals: <a href=“http://technet.microsoft.com/security/bb980617.aspx” target=“_self”>TechNet Security Troubleshooting and Support</a><br /><br />Help protect your computer that is running Windows from viruses and malware: <a href=“https://support.microsoft.com/contactus/cu_sc_virsec_master” target=“_self”>Virus Solution and Security Center</a><br /><br />Local support according to your country: <a href=“https://support.microsoft.com/common/international.aspx” target=“_self”>International Support</a></div><h2>More Information</h2><div><h4>Known issues and additional information about this update</h4>After you install one of these security updates, marshaling of reflection types may not work as expected over DCOM. For more information about this issue, click the following article number to view the article in the Microsoft Knowledge Base: <div><a href=“https://support.microsoft.com/en-us/help/2934830”>2934830 </a> Marshaling of reflection types may not work over DCOM after you install a security update from security bulletin MS14-009 </div><br />The following articles contain additional information about this update as it relates to individual product versions. The articles may contain specific information about the individual updates such as a download URL, prerequisites, and command-line switches.<br /><br /><h5>Microsoft .NET Framework 4.5.1</h5><ul><li><a href=“https://support.microsoft.com/en-us/help/2901128”>2901128 </a> MS14-009: Description of the security update for the .NET Framework 4.5.1 for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2: February 11, 2014</li><li><a href=“https://support.microsoft.com/en-us/help/2898871”>2898871 </a> MS14-009: Description of the security update for the .NET Framework 4.5.1 for Windows 8, Windows RT 8.1, and Windows Server 2012 R2: February 11, 2014</li><li><a href=“https://support.microsoft.com/en-us/help/2901127”>2901127 </a> MS14-009: Description of the security update for the .NET Framework 4.5.1 for Windows 8, Windows RT, and Windows Server 2012: February 11, 2014</li><li><a href=“https://support.microsoft.com/en-us/help/2898870”>2898870 </a> MS14-009: Description of the security update for the .NET Framework 4.5.1 for Windows 8, Windows RT, and Windows Server 2012: February 11, 2014</li><li><a href=“https://support.microsoft.com/en-us/help/2901126”>2901126 </a> MS14-009: Description of the security update for the .NET Framework 4.5.1 for Windows Vista Service Pack 2, Windows Server 2008 Service Pack 2, Windows 7 Service Pack 1, and Windows Server 2008 R2 Service Pack 1: February 11, 2014</li><li><a href=“https://support.microsoft.com/en-us/help/2898869”>2898869 </a> MS14-009: Description of the security update for the .NET Framework 4.5.1 for Windows Vista Service Pack 2, Windows Server 2008 Service Pack 2, Windows 7 Service Pack 1, and Windows Server 2008 R2 Service Pack 1: February 11, 2014</li></ul><br /><h5>Microsoft .NET Framework 4.5</h5><ul><li><a href=“https://support.microsoft.com/en-us/help/2901119”>2901119 </a> MS14-009: Description of the security update for the .NET Framework 4.5 for Windows 8, Windows RT, and Windows Server 2012: February 11, 2014</li><li><a href=“https://support.microsoft.com/en-us/help/2898865”>2898865 </a> MS14-009: Description of the security update for the .NET Framework 4.5 for Windows 8, Windows RT, and Windows Server 2012: February 11, 2014</li><li><a href=“https://support.microsoft.com/en-us/help/2901118”>2901118 </a> MS14-009: Description of the security update for the .NET Framework 4.5 for Windows Vista Service Pack 2, Windows Server 2008 Service Pack 2, Windows 7 Service Pack 1, and Windows Server 2008 R2 Service Pack 1: February 11, 2014</li><li><a href=“https://support.microsoft.com/en-us/help/2898864”>2898864 </a> MS14-009: Description of the security update for the .NET Framework 4.5 for Windows Vista Service Pack 2, Windows Server 2008 Service Pack 2, Windows 7 Service Pack 1, and Windows Server 2008 R2 Service Pack 1: February 11, 2014</li></ul><h5>Microsoft .NET Framework 4</h5><ul><li><a href=“https://support.microsoft.com/en-us/help/2901110”>2901110 </a> MS14-009: Description of the security update for the .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2: February 11, 2014</li><li><a href=“https://support.microsoft.com/en-us/help/2898855”>2898855 </a> MS14-009: Description of the security update for the .NET Framework 4 for Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2: February 11, 2014</li></ul><h5>Microsoft .NET Framework 3.5.1</h5><ul><li><a href=“https://support.microsoft.com/en-us/help/2901112”>2901112 </a> MS14-009: Description of the security update for the .NET Framework 3.5.1 for Windows 7 Service Pack 1 and Windows Server 2008 R2 Service Pack 1: February 11, 2014</li><li><a href=“https://support.microsoft.com/en-us/help/2911501”>2911501 </a> MS14-009: Description of the security update for the .NET Framework 3.5.1 for Windows 7 Service Pack 1 and Windows Server 2008 R2 Service Pack 1: February 11, 2014</li><li><a href=“https://support.microsoft.com/en-us/help/2898857”>2898857 </a> MS14-009: Description of the security update for the .NET Framework 3.5.1 for Windows 7 Service Pack 1 and Windows Server 2008 R2 Service Pack 1: February 11, 2014</li></ul><h5>Microsoft .NET Framework 3.5</h5><ul><li><a href=“https://support.microsoft.com/en-us/help/2901125”>2901125 </a> MS14-009: Description of the security update for the .NET Framework 3.5 for Windows 8.1 and Windows Server 2012 R2: February 11, 2014</li><li><a href=“https://support.microsoft.com/en-us/help/2898868”>2898868 </a> MS14-009: Description of the security update for the .NET Framework 3.5 for Windows 8.1 and Windows Server 2012 R2: February 11, 2014</li><li><a href=“https://support.microsoft.com/en-us/help/2901120”>2901120 </a> MS14-009: Description of the security update for the .NET Framework 3.5 for Windows 8 and Windows Server 2012: February 11, 2014</li><li><a href=“https://support.microsoft.com/en-us/help/2898866”>2898866 </a> MS14-009: Description of the security update for the .NET Framework 3.5 for Windows 8 and Windows Server 2012: February 11, 2014</li></ul><h5>Microsoft .NET Framework 2.0</h5><ul><li><a href=“https://support.microsoft.com/en-us/help/2901113”>2901113 </a> MS14-009: Description of the security update for the .NET Framework 2.0 Service Pack 2 for Windows Vista Service Pack 2 and Windows Server 2008 Service Pack 2: February 11, 2014</li><li><a href=“https://support.microsoft.com/en-us/help/2911502”>2911502 </a> MS14-009: Description of the security update for the .NET Framework 2.0 Service Pack 2 for Windows Vista Service Pack 2 and Windows Server 2008 Service Pack 2: February 11, 2014</li><li><a href=“https://support.microsoft.com/en-us/help/2898858”>2898858 </a> MS14-009: Description of the security update for the .NET Framework 2.0 Service Pack 2 for Windows Vista Service Pack 2 and Windows Server 2008 Service Pack 2: February 11, 2014</li><li><a href=“https://support.microsoft.com/en-us/help/2901111”>2901111 </a> MS14-009: Description of the security update for the .NET Framework 2.0 Service Pack 2 for Windows XP Service Pack 3 and Windows Server 2003 Service Pack 2: February 11, 2014</li><li><a href=“https://support.microsoft.com/en-us/help/2898856”>2898856 </a> MS14-009: Description of the security update for the .NET Framework 2.0 Service Pack 2 for Windows XP Service Pack 3 and Windows Server 2003 Service Pack 2: February 11, 2014</li></ul><h5>Microsoft .NET Framework 1.1</h5><ul><li><a href=“https://support.microsoft.com/en-us/help/2901115”>2901115 </a> MS14-009: Description of the security update for the .NET Framework 1.1 Service Pack 1 for Windows Server 2003 Service Pack 2: February 11, 2014</li><li><a href=“https://support.microsoft.com/en-us/help/2898860”>2898860 </a> MS14-009: Description of the security update for the .NET Framework 1.1 Service Pack 1 for Windows Server 2003 Service Pack 2: February 11, 2014</li></ul><h5>Microsoft .NET Framework 1.0</h5><ul><li><a href=“https://support.microsoft.com/en-us/help/2904878”>2904878 </a> MS14-009: Description of the security update for the .NET Framework 1.0 Service Pack 3 for Windows XP Service Pack 3 Tablet PC Edition and Windows XP Service Pack 3 Media Center Edition: February 11, 2014</li></ul></div><h2></h2><div><h4>Update replacement information</h4>Update replacement information for each specific update can be found in the Knowledge Base articles that correspond to this update.</div><h2></h2><div><div><div><div><span><span></span></span><span><span>File hash information</span></span></div><div><span><div><div><table><tr><th>File name</th><th>SHA1 hash</th><th>SHA256 hash</th></tr><tr><td>MSIPatchRegFix-AMD64.exe</td><td>5011CB29B096FB674A4795EE8FC2F7FDAD33863A</td><td>BA62C33DD90ECC3C945AE4F52EEEB2FA07D2C53FB975263B483D09D80F02230D</td></tr><tr><td>MSIPatchRegFix-IA64.exe</td><td>CB861EAF1F4CDFFAD5F83604C7250CD9EDD96433</td><td>61867793FC7556B79E5833CC18F493A5611EDE94E0D944575E89BAA76B223A0D</td></tr><tr><td>MSIPatchRegFix-X86.exe</td><td>94A84B80B8B45A1AC53A0E5D085513DA0F099655</td><td>C83C5EE1D4FBFF5260A7D984471EAF4C6004431C21B4F661018BDB92CC124290</td></tr><tr><td>NDP1.0sp3-KB2904878-X86-Ocm-Chs.exe</td><td>4988B3C4F4EFBF083EB3971B9A1055AF17AE3E4C</td><td>6D954959FA716135A6F481A9E76AE443899AF5BEBD42FE8D3BB070069445C241</td></tr><tr><td>NDP1.0sp3-KB2904878-X86-Ocm-Cht.exe</td><td>3720CEA93D60891F7B283A93AAA2B333D7C0764B</td><td>E265B85C403FEB4A628D40349754BAA114C8FB259F72905EF90726F8FF50B37F</td></tr><tr><td>NDP1.0sp3-KB2904878-X86-Ocm-Deu.exe</td><td>ED48AEF7E81DCCDFBD0D8CF438D8E943293135A3</td><td>129821D9416B67A6B7FDF3BEC4E95C056EF26D20A70C3D8FBEFB0AFF1E45F27D</td></tr><tr><td>NDP1.0sp3-KB2904878-X86-Ocm-Enu.exe</td><td>CC2BCD12A0043AB5CF140ABC3D95C529D72D8681</td><td>3B4DB976DDAF5DC34954940FFB56401CB281AD65188F8CCFE56959820719DA28</td></tr><tr><td>NDP1.0sp3-KB2904878-X86-Ocm-Esn.exe</td><td>0C32F87BE754839E2296D26797CFC8EB51F57B17</td><td>E71056435EBA96B7B10FA0853B04CDA5AA08F499332AD9760CF017B0D70073C2</td></tr><tr><td>NDP1.0sp3-KB2904878-X86-Ocm-Fra.exe</td><td>5B43519F41987CF18D8DBAAB968E3E004CDB8112</td><td>89795C645362358540834BA39943BA8CC74FE6317724154319DFE9E6D5D10E38</td></tr><tr><td>NDP1.0sp3-KB2904878-X86-Ocm-Ita.exe</td><td>09A6786910C56592CC7BD0DB5E5E3927A5CBD511</td><td>CA9B1ED0FF15DBCE43FBA5DCC7B379140D13D23613CB0BE7A31F2938CB97A790</td></tr><tr><td>NDP1.0sp3-KB2904878-X86-Ocm-Jpn.exe</td><td>59262F359B40EB9F83275535E2BBF1420F525B1A</td><td>E8C07501290093D36216A7E22FD9A281EB61DE55822BA90D023472A48A45F8CA</td></tr><tr><td>NDP1.0sp3-KB2904878-X86-Ocm-Kor.exe</td><td>9D0E419C4930201A5F1745FFAD4F9A6C3FB3DEC0</td><td>4D62A971105598B6BE7E1CEAFFC7CF4A1A70A8B62F91C5C90B241136BDE562F0</td></tr><tr><td>NDP1.0sp3-KB2904878-X86-Ocm-Nld.exe</td><td>E6F48310E8BED2AB893E795383813B553BFEFFEB</td><td>ADCCEB4729B35052D06BFF26204F803E88030838D6535216EC509CE7EB33F7F5</td></tr><tr><td>NDP20SP2-KB2898856-IA64.exe</td><td>BD20ED1C6C0B1421CE0EF21475D20503F58580A5</td><td>973E107EF139372CDA16567A9B81EEA9CE537D2B674900A9FBB6D10D1129E6F0</td></tr><tr><td>NDP20SP2-KB2898856-x64.exe</td><td>C653217E5686C52DC5ECD04E585085DEC24231F5</td><td>7E9D795AED9DF8B65A44F6EBDA87E34B76B70F8A12D800D2CE8A9AC8B9B45BBD</td></tr><tr><td>NDP20SP2-KB2898856-x86.exe</td><td>2B7B7F57A6D659EE926A6E381B388FFF8BC3FD3E</td><td>A9A99298A357701EF9C0D008DE65E2B821BD75B79F692EE4E6672805B85A9380</td></tr><tr><td>NDP20SP2-KB2901111-IA64.exe</td><td>9F40B727F000C938E1DFCC694634F12CF9E43D25</td><td>F7AA46F643413B853B88834A4EB98308C69F8A1ABE919B95E5FDA0AEF598E8D7</td></tr><tr><td>NDP20SP2-KB2901111-x64.exe</td><td>FB628E658E956629414361DF1664CFF39C5E2DD0</td><td>29A11ABBF127B52FAE86E0D9031829BC94124EF615DFA3BBB1E7C5E56AC567DD</td></tr><tr><td>NDP20SP2-KB2901111-x86.exe</td><td>610083BD9139A2BC3FBDCD026E2D0CCE11CAFBC0</td><td>FC4C7BCCAF00EF80AAC607264864902F91B6C9786AF3886DCB600CB1C06EAFE7</td></tr><tr><td>NDP40-KB2898855-v2-IA64.exe</td><td>420B0D1E15D793F9AFEBD6968845C3512BE98591</td><td>EE5B748BB94B953021C848E13D0571FC7812DBB0CC24B991EC52738B257DF59A</td></tr><tr><td>NDP40-KB2898855-v2-x64.exe</td><td>E083C7A371D2F191BDC6DE6E233A0CE0C3411D8A</td><td>66480998C77715E9C34B9D94737959DEFEF649A7DCAD3E36BC0924DB0479D9D5</td></tr><tr><td>NDP40-KB2898855-v2-x86.exe</td><td>3B05125DAB14ECD4D8C804848F39AC66F6941511</td><td>DDDE50C7F3836B75ED957C2244A1AD682C45DB8788A025D192D85C8057DAA16D</td></tr><tr><td>NDP40-KB2901110-v2-IA64.exe</td><td>B3CAD8C0E7272C22C1B9C8776DC01FF1C5408395</td><td>2FFA480080814FE7D8D8FFC2FD183792EE58CDD4533BA4CBE5DE328585AF58F2</td></tr><tr><td>NDP40-KB2901110-v2-x64.exe</td><td>16EE7134D0906A79778C8B404291BA39C68792F7</td><td>0BCDF04D29EFCD53356D64A52044D8A765F6C5B828E74C8EB406D78885570F9F</td></tr><tr><td>NDP40-KB2901110-v2-x86.exe</td><td>9E9C5C03AEFBF129DDA5F03906D920C5B5F2B36F</td><td>7D3996F730DF79DB2DA7834B771F4A295C63DB975C0C327657B77361EAEADCB8</td></tr><tr><td>NDP45-KB2898864-x64.exe</td><td>BEDEDC7AEE671F13850CBA58B9C67C9CCABA43F3</td><td>C83BCAE73C8BAD056915810186C3E975AC7C7904944FE1C4C1F05E836975EA8A</td></tr><tr><td>NDP45-KB2898864-x86.exe</td><td>4EAED61B2AE9E4D78BA90326DE58512C52EBA005</td><td>74366C14A00A6A1342E3DA05709D384526BB831FBA864034C32399DEE8944ED1</td></tr><tr><td>NDP45-KB2898869-x64.exe</td><td>8AA5629EDD3AD58527C79009081B9DFF5E6B4ADF</td><td>B71585D718E412D532899A8CF66EC0DDE1314C8F4852E00986EF0097CA66035A</td></tr><tr><td>NDP45-KB2898869-x86.exe</td><td>03C2BB082A37D2C944D066BA1106D3A109A5460B</td><td>CADA9A68165C80CD3365644CBDE0928AF8041109B53E2C7D4EDB30047B0E50F0</td></tr><tr><td>NDP45-KB2901118-x64.exe</td><td>948B9C9F12F72D5E6F2460738202F5BEA9387DAA</td><td>513CF69C58F0B57566DAB0EAFB9C87E8ABB5E3B17309041C20775904D932A51D</td></tr><tr><td>NDP45-KB2901118-x86.exe</td><td>126A57BA98B72696328D3E1E3B060D43926EB6E5</td><td>50B0894CD05E294CCD9F9CC8571C72B5C6224806ACCC935BEA950445C30C2070</td></tr><tr><td>NDP45-KB2901126-x64.exe</td><td>99E49CB7E11D19A517425409D430A3DAD34BD3CF</td><td>96E51FB29BA3950AD4B2AFD9E04CFC904CAA8DF5793571B66CF55D644D0DDD84</td></tr><tr><td>NDP45-KB2901126-x86.exe</td><td>D279D017F62227ABAB4B61661A442E1A2B3771C9</td><td>B6D10A77D6D5A14A74B449B1FB2B34B62E44175FECB3CC1779E532FC1AD3C105</td></tr><tr><td>Windows6.0-KB2898858-ia64.msu</td><td>E5E8C81D7261452289120DD46AAD1B89BAF4B40A</td><td>C479A4524C25F61367661D9913F06F3DFBB4E2173DD54E701C9832C290F88BDD</td></tr><tr><td>Windows6.0-KB2898858-x64.msu</td><td>ABCD106ED343E14AD6537046E5945B6D9AE6DE62</td><td>C24F835E34C14D970CB8BF7670D1A1C2523FDB070A16215BCA4C6CDE0C1BF3C2</td></tr><tr><td>Windows6.0-KB2898858-x86.msu</td><td>801BD275E46D2BD6C7937C5F1300A1E493C182A3</td><td>F6BEEE8C29EB55ABED9D95BCAC815DA97E5734F99BD6247C1619AC4968B68D67</td></tr><tr><td>Windows6.0-KB2901113-ia64.msu</td><td>38B6F053764B77F556E7560DA376521000682A21</td><td>80742F7CB78A03841F1F66FBF584C9E792455B8B394795EFB5A03D60FEFE804F</td></tr><tr><td>Windows6.0-KB2901113-x64.msu</td><td>216A35BF2B5E7782B1480D5CDD9B647CB3B2243C</td><td>1E630D2EA29D4615F7A6E5D7352DDB8ED86112A1735E103D4361B05EEF3243CD</td></tr><tr><td>Windows6.0-KB2901113-x86.msu</td><td>05617C64C3776658D625D3E99C398A87468C261B</td><td>B9298C5417E9E8F9E33CA0C18617EA90BA8FDB3BBE6912E6D6D0E3F8F7AABD3D</td></tr><tr><td>Windows6.0-KB2911502-ia64.msu</td><td>4AA5A400645E2A24BBF7E68570B5D08D813B118C</td><td>C72012CD27E4FDE79D212594975351C8CF09E1499A4A82A76B488F0DB1A77DA9</td></tr><tr><td>Windows6.0-KB2911502-x64.msu</td><td>2069D275A00DFDAD4000682519B87A111F68B4FE</td><td>D32D5E95AA4C1C3C38BDE7F684A24655CFFD8AABEA67BB14A524A8079AE52DCC</td></tr><tr><td>Windows6.0-KB2911502-x86.msu</td><td>9F387A572CFDEA7CAB68032CFE62E683283706DE</td><td>DFD2806DA183EF2FC9356D06BB231AB2090FE191183C9104F53CF8112208956D</td></tr><tr><td>Windows6.0-KB980842-ia64.msu</td><td>2A2A67B37490C495E23B1EC709BACA49D06F0272</td><td>9494EDBFFE5DF90060C253C6E185DC2EE9739C144BCF1B25C2F42914078752EC</td></tr><tr><td>Windows6.0-KB980842-x64.msu</td><td>56CCB4131E94F0E4740AC65D54603AD9A2F32FDE</td><td>CC84E048D5B9A0F35F9FE981C1F0FCA67261D0C07B026B18B5626DE9ED97C6F1</td></tr><tr><td>Windows6.0-KB980842-x86.msu</td><td>A6FC223B39B42789FF7A319AFEFF86DF2913D187</td><td>C41C2294AC8CEDE7308711183F8E0FA5BE9208ACBEEF5DB347BE6E0C8AF2E4AA</td></tr><tr><td>Windows6.1-KB2898857-ia64.msu</td><td>11A5CE5906D619D2ED0D47D4B795DBE0BC94D437</td><td>B50FAAABA0219B45D6A8A0DA6CF9212F88DB34ECEF3B626973C661470B12494B</td></tr><tr><td>Windows6.1-KB2898857-x64.msu</td><td>C6960541776B7CC108BE7EAB97EAF3FDBB26A666</td><td>20F23E9A5A694CF818FE060F105088BE36A4958A5D390B21389A8C0AEA3611DC</td></tr><tr><td>Windows6.1-KB2898857-x86.msu</td><td>B68F448F8E31E461F352C5BF03EEDEEBB8375DDE</td><td>60B4E1BFBCC980CA3FD9BF8C6FA9D779F056ED964899918724C8A98AAE1F5E37</td></tr><tr><td>Windows6.1-KB2901112-ia64.msu</td><td>2C264C37273F2EF2C70B5B678C7456817BD66235</td><td>274585BB3D61083D4652F77F3E82335BF99FE2C04B6C093E76568F3B4412D16E</td></tr><tr><td>Windows6.1-KB2901112-x64.msu</td><td>BE8E7867485AAC34F9549F2F7FE0F9E8B15DA18F</td><td>E78A8ECFE8F74007517D2F3968AB47F00B0BA10E5C0356D6F773ED2F29E9C31C</td></tr><tr><td>Windows6.1-KB2901112-x86.msu</td><td>15A3ACDA97F7C9AE092DB4604CF6C80562B4D06F</td><td>460A8B0D540BAEF742C6A5A5BF62475C7B7DE72F61F0072E985F0112D62751DC</td></tr><tr><td>Windows6.1-KB2911501-ia64.msu</td><td>52B266C032BC98EE3DEB9263A09E92ABF3E5333F</td><td>B22D07795E388CF44860EE963C492B0BED29B4F4DC72CB1F4E316FE6DED8DA25</td></tr><tr><td>Windows6.1-KB2911501-x64.msu</td><td>8C304D7A8A79AF75507086623DC8873EB2FD28C0</td><td>377018DA28F1E67F907FBB0BE29BD6EFF925E87938CE7427E6CC984599F4B2FF</td></tr><tr><td>Windows6.1-KB2911501-x86.msu</td><td>5A0D066E5A944D4568D34A4C19CCB050C3DCC069</td><td>5FBE088F8C19A194FD9EB53FC4E4D8B6D6EC6C04314B337A19D2E0B69B3DC611</td></tr><tr><td>Windows8-RT-KB2898865-x64.msu</td><td>4280D6D4FA6FB2D4AEA9E3C9F09550B59975BF49</td><td>79F5129D08EBF5785C92F3D2B829242C8E35B7C98D5158D77BCE3A49446656EF</td></tr><tr><td>Windows8-RT-KB2898865-x86.msu</td><td>8A4D26974DC77C57A9415917A5E01BB41265A417</td><td>6635B18BF1EB51A13C2BDF7CE5493BCC0CA578CB2B1C46F15DB6ED99436468E6</td></tr><tr><td>Windows8-RT-KB2898866-x64.msu</td><td>B07933EF7ECD4F57C8FAF9EBF988D6652C23C72A</td><td>BD3CE2DFC824EA2715C07B7086F7D7B4F2F30A26D0B5954EF9E7EA5902DA0521</td></tr><tr><td>Windows8-RT-KB2898866-x86.msu</td><td>85151E65E518AD52A9735BB50C016AEE56D5D737</td><td>BEE4BF219C0D3D8763C5D7FB73565F28A9431F1B71275C7C74B0EAE71D6862CD</td></tr><tr><td>Windows8-RT-KB2898870-x64.msu</td><td>38492B5E477712A4ADA99B373CDBE0F71A0FEEFB</td><td>D3D4F08796205C4990DDADB950130BD28AEC5DE32C1EE30F68968E0B77D43BF0</td></tr><tr><td>Windows8-RT-KB2898870-x86.msu</td><td>7EF6E4C0F1654AABD2D914EBE8725D54F498BC22</td><td>69D22C7107643956BA987D37C08726388F11DC842B38D2117158BB8EEF4211F4</td></tr><tr><td>Windows8-RT-KB2901119-x64.msu</td><td>1EC4C9BF7B9F8A9E9EEBF3FA04D41FC82752E05C</td><td>393A831E0F69C4F41591D58D97C2D6C31242EB9C6A3182AEF6BAB6A70DA68F1A</td></tr><tr><td>Windows8-RT-KB2901119-x86.msu</td><td>BD06D55E0BA591941F33531FDDAB3C51560780FC</td><td>599C04834D42FC6AF2A0AEEBD084B8ED600C1E11067FFE91BF1D94A46260A2F2</td></tr><tr><td>Windows8-RT-KB2901120-x64.msu</td><td>EFFC0CFF3BC7DBD4629233CA41AC57601ACE59B8</td><td>59E2ABA93938B8D26192EF0D9D87C48804B36AA10C5439B8D0A6925E567CF9AB</td></tr><tr><td>Windows8-RT-KB2901120-x86.msu</td><td>8691306CA5B3B6859D9BB167484A0F5520A950D7</td><td>C4C0A14083D319A93192C246ACD6867A50BF2302C9BBFB9258C05EFCB1275471</td></tr><tr><td>Windows8-RT-KB2901127-x64.msu</td><td>929F6F528B25FC64BC02780119F768F65C38D027</td><td>6C395DACF2CE290234F484881B8453C85EB51A3EE0A4EBFBC5CF43C121C4ED91</td></tr><tr><td>Windows8-RT-KB2901127-x86.msu</td><td>050C4E57D772446C9B88F19F52E66EA54B4D3838</td><td>19FD402A28F273CB02070C794CEEE282320B484153D5DB1A4A4AE364733E0C1C</td></tr><tr><td>Windows8.1-KB2898868-x64.msu</td><td>5552473818955B427E7F719F2489290D5F873E7B</td><td>210C15DBE11957270BD1BA9922BAF05F1C5091153A9119AD4A0B743E7C078AE3</td></tr><tr><td>Windows8.1-KB2898868-x86.msu</td><td>361BB76E7D3148F8E1DE13C1DF65258A783616AA</td><td>A60120602DC90717CA6A210EE58EEA172B77C17868803BE2702DD552D5BC7E20</td></tr><tr><td>Windows8.1-KB2898871-x64.msu</td><td>63EC4BF3697E4DEFD7296F52D1E0D19C2601788E</td><td>4918BC1B168B2A15D23AFCBDFCB35EF903DD390BA77F8BAFF4E50DB8FAA49719</td></tr><tr><td>Windows8.1-KB2898871-x86.msu</td><td>27F94C63A80C3C26FA2A552BCF5B14721B88CE18</td><td>6206770DC71EE4F09A8C610B97108751EAD16626823395CD85691232C636071F</td></tr><tr><td>Windows8.1-KB2901125-x64.msu</td><td>3F3945787AA3C93A57B31860783C8F1188203F9B</td><td>41D7178C4B5F5B5527C5C942208D1BF1FFDFF9EF35D22E5B0A376FE8EB7A97A7</td></tr><tr><td>Windows8.1-KB2901125-x86.msu</td><td>04962399E2D5574CBC511AEDDF2D4B96A42CED11</td><td>EC1B602D311205AC020DA59129F0FA5ACB73D7D8F87481058DB9E4EFDF293FC0</td></tr><tr><td>Windows8.1-KB2901128-x64.msu</td><td>5A34F813EE10073058A367FBEA976DCE62AD9BCF</td><td>E495DE6C6FA9609561BBF526B8850D2450E0AB811F8CDB91AA8261F24F411BAA</td></tr><tr><td>Windows8.1-KB2901128-x86.msu</td><td>C277D40CAAE1365EFF9881AB88A40CCF82E3821D</td><td>B0E03589D5E7E3C7E981CC2AF86E64A7F85D3068F16D445923BF663159B42B4F</td></tr><tr><td>WindowsServer2003-KB2898860-x86-CHS.exe</td><td>6578997B28825B6CB43D3B96C74003C123ABD73D</td><td>8391A7FD2F85E50B3DE93C92E1255E7AF56A1F49D654AE5AE7C5FE35978254F1</td></tr><tr><td>WindowsServer2003-KB2898860-x86-CHT.exe</td><td>993CE34072501EECB264791DF489C3428FFCFE70</td><td>58FF5F37B35B0D9F482DDA42013B597098705828371DF6F53C8796B894F56993</td></tr><tr><td>WindowsServer2003-KB2898860-x86-CSY.exe</td><td>016F315AD297E74E6BE378F03D27D75740D5022C</td><td>1B81391671353BA4BE270F337482891E1CC8B382D43DE4B31F86D8FA38C4CEF1</td></tr><tr><td>WindowsServer2003-KB2898860-x86-DEU.exe</td><td>3EFCFA4159F603DC4F51F3AE7F3DE3B19CB1A6E9</td><td>A71510CEB811AE13292AEEE2CB4F5F6003E93E98835CE1A393BE5BA93A29C3E6</td></tr><tr><td>WindowsServer2003-KB2898860-x86-ENU.exe</td><td>61723C06D0615E0C5C1DA9EFA0A0D2B4317757DC</td><td>670C0A4350D1F3E841BE9402B2C72E95B910CD56D915228B7E6B0F1769105AC3</td></tr><tr><td>WindowsServer2003-KB2898860-x86-ESN.exe</td><td>A8F84BA1C4A537297B942220B9AC11B1D5CFC5B3</td><td>E955CB16C47C9BEA6A00DD74FF0298E437DAB54B88DE806FDC0467F95FFAFCA6</td></tr><tr><td>WindowsServer2003-KB2898860-x86-FRA.exe</td><td>C1BF8F9414984C7AC87046FB97E3B7760266A4F3</td><td>483ED066D0212B1952814B743FA7C81C37E3800FF6C7E306066B3AADAA47BF1C</td></tr><tr><td>WindowsServer2003-KB2898860-x86-HUN.exe</td><td>5079406E3F5FC6860B41D160A44D4B2DC6D640E1</td><td>DA8C65065104996E31E9556CF3BB7DEE7034D708888F141F77B7CBD5D952E38B</td></tr><tr><td>WindowsServer2003-KB2898860-x86-ITA.exe</td><td>78030B9BF74E05F1CE90DB46CC8A681A9045A773</td><td>8CCB809C948B212C9339AF1AD576F4FE973EBDC3AD2226C9455F75BFEF320DCD</td></tr><tr><td>WindowsServer2003-KB2898860-x86-JPN.exe</td><td>3141F656983263F3909E59E54B597D40884B0A9A</td><td>BF8F96FEF79C0EA7B27A0346F476E8F67AFFDE2B572E9E58809FAA28D8659A4C</td></tr><tr><td>WindowsServer2003-KB2898860-x86-KOR.exe</td><td>DBE6D33B97F7203696BB0F64FD89D3EF109D3758</td><td>9212A5151257AF5D5D6EF81E4A5DAD31849CE28E150F61C08B5C233F19C4AA6E</td></tr><tr><td>WindowsServer2003-KB2898860-x86-NLD.exe</td><td>6575A296E7A4EFDE0B77D6FE9F6192AC1E43678D</td><td>E8E2BA5A266C5F3FE97377B9A9AE9228627EBAB53C3B27794B7A864963CA7356</td></tr><tr><td>WindowsServer2003-KB2898860-x86-PLK.exe</td><td>27E021527FEFE497DB4AC8312D48E491574D772B</td><td>413F99D31798494799C1A5659D56AF8494CD70A16315C5E7F7D4B5B9DD9BC3F3</td></tr><tr><td>WindowsServer2003-KB2898860-x86-PTB.exe</td><td>8425973B29F5EACD03BDA3972C6D5EBE7E4EA19C</td><td>E5F85322413D73E5FCC2F210B7315585698FDB307E58539139831C066BC86B2B</td></tr><tr><td>WindowsServer2003-KB2898860-x86-PTG.exe</td><td>8C4ED3EA1F2885D45EE4D6A5E1430C40C25D2173</td><td>F991B8D73B4CB43C1E721522C0263CB2EEC9AF40298056365024B0A8B8026356</td></tr><tr><td>WindowsServer2003-KB2898860-x86-RUS.exe</td><td>FE389FC21CFDD22B613E0C5F933DE7BDE9953AF2</td><td>30EC3420CBADA19797AF0BB2E7FA2CBEA058562BFCF0156CCA4E55C924DC5237</td></tr><tr><td>WindowsServer2003-KB2898860-x86-SVE.exe</td><td>B89139D8DC7E316268AAB8FDE94C44F320FD741D</td><td>E1CB750463545730C6163F2C966D21AEB4F22A30F53B13791D8F97652096A4EA</td></tr><tr><td>WindowsServer2003-KB2898860-x86-TRK.exe</td><td>B88FB4F74425620BA645BCCCF6FD4F686E26566F</td><td>7FAEE3869A8486D5470FB35427369C679C8B260A77AFF79A9DABE2C25ECCB1F6</td></tr><tr><td>WindowsServer2003-KB2901115-x86-CHS.exe</td><td>6486673019C9E9D918AB3EA904D5915DCF7186ED</td><td>4AA5A808857E8A650B3D1EFFE85D3632C5B76ED604950612AB23B68B190A66AA</td></tr><tr><td>WindowsServer2003-KB2901115-x86-CHT.exe</td><td>157193E79CFE0C91CF9C6AA2BAA6AEAC100A6F57</td><td>14618501BA27C9B177FD41702B9A5BD28FDB0A859A8B0934A236C00E08C9F600</td></tr><tr><td>WindowsServer2003-KB2901115-x86-CSY.exe</td><td>EA232151CE96AA978A9325B3F556CED51C45ABDF</td><td>813EB112671A890B80B76EE1C3F9D94D56F2DEEDD203407D36311D0C74540B02</td></tr><tr><td>WindowsServer2003-KB2901115-x86-DEU.exe</td><td>0F64F857493DA169DE114B53E8436C4C8C753AF6</td><td>74CA38469BCCC19659A9C8230C0C1E16A9BF4CC074E13B8EC6D734EB39149D1D</td></tr><tr><td>WindowsServer2003-KB2901115-x86-ENU.exe</td><td>D284B8F53E6464C2122C568009A21F9A3291A989</td><td>891EC5D171E3A073C6AB9F9E83E6F15673A6D7D472B1082AB60A430B15CC0252</td></tr><tr><td>WindowsServer2003-KB2901115-x86-ESN.exe</td><td>CB3877089F2245EC09CF1F519CF3C1814644A792</td><td>B63B9543477AC99B577F93BAA9DDAAD2517646321929311DEEDB00C6B8E1B552</td></tr><tr><td>WindowsServer2003-KB2901115-x86-FRA.exe</td><td>B9843716F46F8DF9A4B36BCC7E649C33086BFC8E</td><td>EF6C366A13778FC0721D8B0F424DFB1C18C9EC6258253DF83D1881CACDEA4853</td></tr><tr><td>WindowsServer2003-KB2901115-x86-HUN.exe</td><td>7A10FA4F164C59E6CD3F2ECDECB997A4AA8A9D1B</td><td>9B6F4661F95D4A56326EFE407F31DD856BA97C7E0848139C4426920BD47F62D9</td></tr><tr><td>WindowsServer2003-KB2901115-x86-ITA.exe</td><td>39851C9C7C7C6B5846FF75E80860B68419D59B34</td><td>9A35FECFEB1DE11E3ACFE476948758DFDB2F495BC593897A6A0DD896941AAB3C</td></tr><tr><td>WindowsServer2003-KB2901115-x86-JPN.exe</td><td>60B32AE4555FF1E576CFBA41B4D631C3BEAD44EF</td><td>54973EE8EC356FA6D968FBAF622C5EDE1720FE49316E0E06093573FA2D403326</td></tr><tr><td>WindowsServer2003-KB2901115-x86-KOR.exe</td><td>D136759F894F7F9ED8A0CA105AA24D95A6540AAB</td><td>E70D4F8EACE8676B693CDAB4172C108DD2759723B966520F5589820A442F1D50</td></tr><tr><td>WindowsServer2003-KB2901115-x86-NLD.exe</td><td>A75ADA18C4DAE7E536A425620DEBEADF4CAFC89A</td><td>B6648AE6450F5AD09D67A294B3D319596C6A630147E7AC56E7D322C8221EB440</td></tr><tr><td>WindowsServer2003-KB2901115-x86-PLK.exe</td><td>E33A45748FB63583F64A9860AA4D380D12351131</td><td>5CAE45881A45954849DD1BFE340320AD2E7296F6EA98BA4ED464BC2240EC07BD</td></tr><tr><td>WindowsServer2003-KB2901115-x86-PTB.exe</td><td>9EF59975B3E57E5A31A229C58005E53FEB339A9E</td><td>0C29CF0C0427A5FFFA1A3A8A9F17E60419E1A01C88310E266731B4521EAEF7C2</td></tr><tr><td>WindowsServer2003-KB2901115-x86-PTG.exe</td><td>1511FDE28E174D858A9E200103293FCF787E1213</td><td>C603D947D5370B531CE5C4E041253B04881D00323019934E3C6B371C5FA3E0F8</td></tr><tr><td>WindowsServer2003-KB2901115-x86-RUS.exe</td><td>746DC8346319313AB7952AACC97134CA771C5D4E</td><td>FD9C030EB4A6938618A0CF5B1C1E3FBB2FC5E7A82F7D8FDE515C3416D228FD8C</td></tr><tr><td>WindowsServer2003-KB2901115-x86-SVE.exe</td><td>0ED13DA27D13B001FA4CAEF36D0C50079E2C6737</td><td>D6259C824E7ECF6D7D53F3C999F248A1BE56D1DAD3D97EB3E710E8EA89B5D2C5</td></tr><tr><td>WindowsServer2003-KB2901115-x86-TRK.exe</td><td>3859EE0B8BAE77DBFDD108A4C188A4E2092CD886</td><td>2F3583137EB70D6A2B23D6F8CC334CE21EBFC7379745D3982F6EB5881A6F7C6D</td></tr></table></div></div><br /></span></div></div></div></div><h2></h2><div><a></a><br /><h3>Applies to</h3>This article applies to the following:<ul><li>Microsoft .NET Framework 4.5.1 when used with:<ul><li>Windows 8.1</li><li>Windows RT 8.1</li><li>Windows Server 2012 R2</li><li>Windows 8</li><li>Windows RT</li><li>Windows Server 2012</li><li>Windows 7 Service Pack 1</li><li>Windows Server 2008 R2 Service Pack 1</li><li>Windows Vista Service Pack 2</li><li>Windows Server 2008 Service Pack 2</li></ul></li><li>Microsoft .NET Framework 4.5 when used with:<ul><li>Windows 8</li><li>Windows RT</li><li>Windows Server 2012</li><li>Windows 7 Service Pack 1</li><li>Windows Server 2008 R2 Service Pack 1</li><li>Windows Vista Service Pack 2</li><li>Windows Server 2008 Service Pack 2</li></ul></li><li>Microsoft .NET Framework 4 when used with:<ul><li>Windows 7 Service Pack 1</li><li>Windows Server 2008 R2 Service Pack 1</li><li>Windows Vista Service Pack 2</li><li>Windows Server 2008 Service Pack 2</li><li>Windows XP Service Pack 3</li><li>Windows Server 2003 Service Pack 2</li></ul></li><li>Microsoft .NET Framework 3.5.1 when used with:<ul><li>Windows 7 Service Pack 1</li><li>Windows Server 2008 R2 Service Pack 1</li></ul></li><li>Microsoft .NET Framework 3.5 when used with:<ul><li>Windows 8.1</li><li>Windows Server 2012 R2</li><li>Windows 8</li><li>Windows Server 2012</li></ul></li><li>Microsoft .NET Framework 2.0 Service Pack 2 when used with:<ul><li>Windows Vista Service Pack 2</li><li>Windows Server 2008 Service Pack 2</li><li>Windows XP Service Pack 3</li><li>Windows Server 2003 Service Pack 2</li></ul></li><li>Microsoft .NET Framework 1.1 Service Pack 1 when used with:<ul><li>Windows Server 2003 Service Pack 2</li></ul></li><li>Microsoft .NET Framework 1.0 Service Pack 3 when used with:<ul><li>Windows XP Service Pack 3 Tablet PC Edition </li><li>Windows XP Service Pack 3 Media Center Edition</li></ul></li></ul></div></body></html>

Related

openvas 2
nessus 1
securityvulns 1
seebug 4
packetstorm 1
prion 3
myhack58 1
cve 3
symantec 3
metasploit 1
checkpoint_advisories 1
hackerone 1
kaspersky 1
exploitdb 1
googleprojectzero 1
openvas
openvas
Microsoft .NET Framework Multiple Vulnerabilities (2916607)
2014-02-12 00:00:00
Microsoft .NET Framework Multiple Vulnerabilities (2916607)
2014-02-12 00:00:00
nessus
nessus
MS14-009: Vulnerabilities in .NET Framework Could Allow Privilege Escalation (2916607)
2014-02-12 00:00:00
securityvulns
securityvulns
Microsoft Windows multiple security vulnerabilities
2014-02-11 00:00:00
seebug
seebug
Microsoft .NET Framework 远程权利提升漏洞(CVE-2014-0257)(MS14-009)
2014-02-12 00:00:00
MS14-009 .NET Deployment Service IE Sandbox Escape
2014-07-01 00:00:00
Microsoft .NET Framework 远程拒绝服务漏洞(CVE-2014-0253)(MS14-009)
2014-02-12 00:00:00
packetstorm
packetstorm
MS14-009 .NET Deployment Service IE Sandbox Escape
2014-06-27 00:00:00
prion
prion
Design/Logic Flaw
2014-02-12 04:50:00
Cross site request forgery (csrf)
2014-02-12 04:50:00
Design/Logic Flaw
2014-02-12 04:50:00
myhack58
myhack58
How to use. NET managed DCOM to achieve elevation of privilege-vulnerability warning-the black bar safety net
2017-05-19 00:00:00
cve
cve
CVE-2014-0253
2014-02-12 04:50:00
CVE-2014-0257
2014-02-12 04:50:00
CVE-2014-0295
2014-02-12 04:50:00
symantec
symantec
Microsoft .NET Framework CVE-2014-0257 Remote Privilege Escalation Vulnerability
2014-02-11 00:00:00
Microsoft .NET Framework CVE-2014-0253 Remote Denial of Service Vulnerability
2014-02-11 00:00:00
Microsoft .NET Framework CVE-2014-0295 ASLR Security Bypass Vulnerability
2014-02-11 00:00:00
metasploit
metasploit
MS14-009 .NET Deployment Service IE Sandbox Escape
2014-05-29 16:45:19
checkpoint_advisories
checkpoint_advisories
Microsoft ASP.NET POST Request Denial of Service (MS14-009; CVE-2014-0253)
2014-03-11 00:00:00
hackerone
hackerone
Sandbox Escape: .NET Type Traversal Vulnerability
2014-02-11 00:00:00
kaspersky
kaspersky
KLA10603 Multiple vulnerabilities in Microsoft .NET Framework
2014-11-11 00:00:00
exploitdb
exploitdb
Microsoft .NET Deployment Service - IE Sandbox Escape (MS14-009) (Metasploit)
2014-06-27 00:00:00
googleprojectzero
googleprojectzero
Exploiting .NET Managed DCOM
2017-04-28 00:00:00

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

JSON
Related for KB2916607
openvas2nessus1securityvulns1seebug4packetstorm1prion3myhack581cve3symantec3metasploit1checkpoint_advisories1hackerone1kaspersky1exploitdb1googleprojectzero1