Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2014-2022 Tenable Network Security, Inc.SMB_NT_MS14-051.NASL
HistoryAug 12, 2014 - 12:00 a.m.

MS14-051: Cumulative Security Update for Internet Explorer (2976627)

2014-08-1200:00:00
This script is Copyright (C) 2014-2022 Tenable Network Security, Inc.
www.tenable.com
49
JSON

The remote host is missing Internet Explorer (IE) Security Update 2976627.

The version of Internet Explorer installed on the remote host is affected by multiple vulnerabilities, the majority of which are remote code execution vulnerabilities. An attacker could exploit these by convincing a user to visit a specially crafted web page.

#
# (C) Tenable Network Security, Inc.
#

include('compat.inc');

if (description)
{
  script_id(77169);
  script_version("1.17");
  script_set_attribute(attribute:"plugin_modification_date", value:"2022/05/25");

  script_cve_id(
    "CVE-2014-2774",
    "CVE-2014-2784",
    "CVE-2014-2796",
    "CVE-2014-2808",
    "CVE-2014-2810",
    "CVE-2014-2811",
    "CVE-2014-2817",
    "CVE-2014-2818",
    "CVE-2014-2819",
    "CVE-2014-2820",
    "CVE-2014-2821",
    "CVE-2014-2822",
    "CVE-2014-2823",
    "CVE-2014-2824",
    "CVE-2014-2825",
    "CVE-2014-2826",
    "CVE-2014-2827",
    "CVE-2014-4050",
    "CVE-2014-4051",
    "CVE-2014-4052",
    "CVE-2014-4055",
    "CVE-2014-4056",
    "CVE-2014-4057",
    "CVE-2014-4058",
    "CVE-2014-4063",
    "CVE-2014-4067",
    "CVE-2014-4145",
    "CVE-2014-6354",
    "CVE-2014-8985"
  );
  script_bugtraq_id(
    69090,
    69092,
    69095,
    69100,
    69101,
    69103,
    69104,
    69106,
    69115,
    69116,
    69117,
    69118,
    69119,
    69120,
    69121,
    69122,
    69124,
    69125,
    69126,
    69127,
    69128,
    69129,
    69130,
    69131,
    69132,
    69134,
    72593,
    99810
  );
  script_xref(name:"MSFT", value:"MS14-051");
  script_xref(name:"MSKB", value:"2976627");
  script_xref(name:"CISA-KNOWN-EXPLOITED", value:"2022/06/15");

  script_name(english:"MS14-051: Cumulative Security Update for Internet Explorer (2976627)");

  script_set_attribute(attribute:"synopsis", value:
"The remote host has a web browser that is affected by multiple
vulnerabilities.");
  script_set_attribute(attribute:"description", value:
"The remote host is missing Internet Explorer (IE) Security Update
2976627.

The version of Internet Explorer installed on the remote host is
affected by multiple vulnerabilities, the majority of which are remote
code execution vulnerabilities. An attacker could exploit these by
convincing a user to visit a specially crafted web page.");
  script_set_attribute(attribute:"see_also", value:"https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2014/ms14-051");
  script_set_attribute(attribute:"see_also", value:"https://www.zerodayinitiative.com/advisories/ZDI-14-285/");
  script_set_attribute(attribute:"see_also", value:"https://www.zerodayinitiative.com/advisories/ZDI-15-032/");
  script_set_attribute(attribute:"see_also", value:"https://www.zerodayinitiative.com/advisories/ZDI-14-292/");
  script_set_attribute(attribute:"solution", value:
"Microsoft has released a set of patches for Internet Explorer 6, 7, 8,
9, 10, and 11.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:H/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2014-4067");
  script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2014-8985");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"exploited_by_malware", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2014/08/07");
  script_set_attribute(attribute:"patch_publication_date", value:"2014/08/12");
  script_set_attribute(attribute:"plugin_publication_date", value:"2014/08/12");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:microsoft:windows");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:microsoft:ie");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Windows : Microsoft Bulletins");

  script_copyright(english:"This script is Copyright (C) 2014-2022 Tenable Network Security, Inc.");

  script_dependencies("smb_hotfixes.nasl", "ms_bulletin_checks_possible.nasl");
  script_require_keys("SMB/MS_Bulletin_Checks/Possible");
  script_require_ports(139, 445, "Host/patch_management_checks");

  exit(0);
}

include("audit.inc");
include("smb_hotfixes_fcheck.inc");
include("smb_hotfixes.inc");
include("smb_func.inc");
include("misc_func.inc");

get_kb_item_or_exit("SMB/MS_Bulletin_Checks/Possible");

bulletin = 'MS14-051';
kb = '2976627';

kbs = make_list(kb);
if (get_kb_item("Host/patch_management_checks")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);

get_kb_item_or_exit("SMB/Registry/Enumerated");
get_kb_item_or_exit("SMB/WindowsVersion", exit_code:1);

if (hotfix_check_sp_range(win2003:'2', vista:'2', win7:'1', win8:'0', win81:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);
if (hotfix_check_server_core() == 1) audit(AUDIT_WIN_SERVER_CORE);

share = hotfix_get_systemdrive(exit_on_fail:TRUE, as_share:TRUE);
if (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);

if (
  # Windows 8.1 / 2012 R2
  #
  # - Internet Explorer 11 with KB2919355 applied
  hotfix_is_vulnerable(os:"6.3", file:"Mshtml.dll", version:"11.0.9600.17239", min_version:"11.0.9600.17000", dir:"\system32", bulletin:bulletin, kb:kb) ||

  # Windows 8 / 2012
  #
  # - Internet Explorer 10
  hotfix_is_vulnerable(os:"6.2", file:"Mshtml.dll", version:"10.0.9200.21173", min_version:"10.0.9200.21000", dir:"\system32", bulletin:bulletin, kb:kb) ||
  hotfix_is_vulnerable(os:"6.2", file:"Mshtml.dll", version:"10.0.9200.17054", min_version:"10.0.9200.16000", dir:"\system32", bulletin:bulletin, kb:kb) ||

  # Windows 7 / 2008 R2
  # - Internet Explorer 11 with KB2929437 applied
  hotfix_is_vulnerable(os:"6.1", sp:1, file:"Mshtml.dll", version:"11.0.9600.17239", min_version:"11.0.9600.17000", dir:"\system32", bulletin:bulletin, kb:kb) ||
  # - Internet Explorer 10
  hotfix_is_vulnerable(os:"6.1", sp:1, file:"Mshtml.dll", version:"10.0.9200.21173", min_version:"10.0.9200.21000", dir:"\system32", bulletin:bulletin, kb:kb) ||
  hotfix_is_vulnerable(os:"6.1", sp:1, file:"Mshtml.dll", version:"10.0.9200.17054", min_version:"10.0.9200.16000", dir:"\system32", bulletin:bulletin, kb:kb) ||
  # - Internet Explorer 9
  hotfix_is_vulnerable(os:"6.1", sp:1, file:"Mshtml.dll", version:"9.0.8112.20674", min_version:"9.0.8112.20000", dir:"\system32", bulletin:bulletin, kb:kb) ||
  hotfix_is_vulnerable(os:"6.1", sp:1, file:"Mshtml.dll", version:"9.0.8112.16563", min_version:"9.0.8112.16000", dir:"\system32", bulletin:bulletin, kb:kb) ||
  # - Internet Explorer 8
  hotfix_is_vulnerable(os:"6.1", sp:1, file:"Mshtml.dll", version:"8.0.7601.22745", min_version:"8.0.7601.22000", dir:"\system32", bulletin:bulletin, kb:kb) ||
  hotfix_is_vulnerable(os:"6.1", sp:1, file:"Mshtml.dll", version:"8.0.7601.18534", min_version:"8.0.7601.17000", dir:"\system32", bulletin:bulletin, kb:kb) ||

  # Vista / 2008
  #
  # - Internet Explorer 9
  hotfix_is_vulnerable(os:"6.0", sp:2, file:"Mshtml.dll", version:"9.0.8112.20674", min_version:"9.0.8112.20000", dir:"\system32", bulletin:bulletin, kb:kb) ||
  hotfix_is_vulnerable(os:"6.0", sp:2, file:"Mshtml.dll", version:"9.0.8112.16563", min_version:"9.0.8112.16000", dir:"\system32", bulletin:bulletin, kb:kb) ||
  # - Internet Explorer 8
  hotfix_is_vulnerable(os:"6.0", sp:2, file:"Mshtml.dll", version:"8.0.6001.23611", min_version:"8.0.6001.23000", dir:"\system32", bulletin:bulletin, kb:kb) ||
  hotfix_is_vulnerable(os:"6.0", sp:2, file:"Mshtml.dll", version:"8.0.6001.19553", min_version:"8.0.6001.18000", dir:"\system32", bulletin:bulletin, kb:kb) ||
  # - Internet Explorer 7
  hotfix_is_vulnerable(os:"6.0", sp:2, file:"Mshtml.dll", version:"7.0.6002.23446", min_version:"7.0.6002.23000", dir:"\system32", bulletin:bulletin, kb:kb) ||
  hotfix_is_vulnerable(os:"6.0", sp:2, file:"Mshtml.dll", version:"7.0.6002.19143", min_version:"7.0.6002.18000", dir:"\system32", bulletin:bulletin, kb:kb) ||
  # Windows 2003
  #
  # - Internet Explorer 8
  hotfix_is_vulnerable(os:"5.2", sp:2, file:"Mshtml.dll", version:"8.0.6001.23611", min_version:"8.0.0.0", dir:"\system32", bulletin:bulletin, kb:kb) ||
  # - Internet Explorer 7
  hotfix_is_vulnerable(os:"5.2", sp:2, file:"Mshtml.dll", version:"7.0.6000.21397", min_version:"7.0.0.0", dir:"\system32", bulletin:bulletin, kb:kb) ||
  # - Internet Explorer 6
  hotfix_is_vulnerable(os:"5.2", sp:2, file:"Mshtml.dll", version:"6.0.3790.5392",  min_version:"6.0.0.0", dir:"\system32", bulletin:bulletin, kb:kb)
)
{
  set_kb_item(name:"SMB/Missing/"+bulletin, value:TRUE);
  hotfix_security_hole();
  hotfix_check_fversion_end();
  exit(0);
}
else
{
  hotfix_check_fversion_end();
  audit(AUDIT_HOST_NOT, 'affected');
}
VendorProductVersionCPE
microsoftwindowscpe:/o:microsoft:windows
microsoftiecpe:/a:microsoft:ie

References

Related

openvas 1
cvelist 29
prion 29
cve 29
securityvulns 1
zdi 15
checkpoint_advisories 6
symantec 26
attackerkb 1
cisa_kev 1
kaspersky 1
openvas
openvas
Microsoft Internet Explorer Multiple Vulnerabilities (2976627)
2014-08-13 00:00:00
cvelist
cvelist
CVE-2014-8985
2018-02-08 23:00:00
CVE-2014-4145
2018-02-08 23:00:00
CVE-2014-2796
2014-08-12 21:00:00
prion
prion
Memory corruption
2018-02-08 23:29:00
Memory corruption
2018-02-08 23:29:00
Memory corruption
2014-08-12 21:55:00
cve
cve
CVE-2014-4145
2018-02-08 23:29:00
CVE-2014-8985
2018-02-08 23:29:00
CVE-2014-2808
2014-08-12 21:55:00
securityvulns
securityvulns
Microsoft Windows multiple security vulnerabilities
2014-09-15 00:00:00
zdi
zdi
Microsoft Internet Explorer CSVGSVGElement Use-After-Free Remote Code Execution Vulnerability
2015-02-10 00:00:00
Microsoft Internet Explorer CElement::DelMarkupPtr Out-Of-Bounds Read Remote Code Execution Vulnerability
2014-10-14 00:00:00
Microsoft Internet Explorer CElement::GetClassCacheArray Improper Indexing Remote Code Execution Vulnerability
2014-08-12 00:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Internet Explorer Memory Corruption (MS14-051: CVE-2014-2823)
2014-08-12 00:00:00
Microsoft Internet Explorer Memory Corruption (MS14-051: CVE-2014-2824)
2014-08-12 00:00:00
Microsoft Internet Explorer Memory Corruption (MS14-051: CVE-2014-2820)
2014-08-12 00:00:00
symantec
symantec
Microsoft Internet Explorer CVE-2014-2823 Remote Memory Corruption Vulnerability
2014-08-12 00:00:00
Microsoft Internet Explorer CVE-2014-2820 Remote Memory Corruption Vulnerability
2014-08-12 00:00:00
Microsoft Internet Explorer CVE-2014-2824 Remote Memory Corruption Vulnerability
2014-08-12 00:00:00
attackerkb
attackerkb
CVE-2014-2817
2014-08-12 00:00:00
cisa_kev
cisa_kev
Microsoft Internet Explorer Privilege Escalation Vulnerability
2022-05-25 00:00:00
kaspersky
kaspersky
KLA10602 Multiple vulnerabilities in Microsoft Internet Explorer
2014-09-09 00:00:00
JSON
Related for SMB_NT_MS14-051.NASL
openvas1cvelist29prion29cve29securityvulns1zdi15checkpoint_advisories6symantec26attackerkb1cisa_kev1kaspersky1