Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (C) 2014 Greenbone AGOPENVAS:1361412562310805015
HistoryNov 12, 2014 - 12:00 a.m.

Microsoft Windows OLE Object Handling Code Execution Vulnerabilities (3011443)

2014-11-1200:00:00
Copyright (C) 2014 Greenbone AG
plugins.openvas.org
36

8.9 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.974 High

EPSS

Percentile

99.9%

JSON

This host is missing a critical security
update according to Microsoft Bulletin MS14-064.

# SPDX-FileCopyrightText: 2014 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.805015");
  script_version("2023-07-26T05:05:09+0000");
  script_xref(name:"CISA", value:"Known Exploited Vulnerability (KEV) catalog");
  script_xref(name:"URL", value:"https://www.cisa.gov/known-exploited-vulnerabilities-catalog");
  script_cve_id("CVE-2014-6332", "CVE-2014-6352");
  script_tag(name:"cvss_base", value:"9.3");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:C/I:C/A:C");
  script_tag(name:"last_modification", value:"2023-07-26 05:05:09 +0000 (Wed, 26 Jul 2023)");
  script_tag(name:"creation_date", value:"2014-11-12 10:12:10 +0530 (Wed, 12 Nov 2014)");
  script_tag(name:"solution_type", value:"VendorFix");

  script_name("Microsoft Windows OLE Object Handling Code Execution Vulnerabilities (3011443)");

  script_tag(name:"summary", value:"This host is missing a critical security
  update according to Microsoft Bulletin MS14-064.");

  script_tag(name:"vuldetect", value:"Checks if a vulnerable version is present on the target host.");

  script_tag(name:"insight", value:"A flaw exists due to unspecified errors
  when handling OLE objects within Microsoft Office files and Internet Explorer.");

  script_tag(name:"impact", value:"Successful exploitation will allow remote
  attacker to execute arbitrary code and compromise a user's system.");

  script_tag(name:"affected", value:"- Microsoft Windows 8 x32/x64

  - Microsoft Windows Server 2012/R2

  - Microsoft Windows 8.1 x32/x64

  - Microsoft Windows 7 x32/x64 Service Pack 1 and prior

  - Microsoft Windows Vista x32/x64 Service Pack 2 and prior

  - Microsoft Windows 2003 x32/x64 Service Pack 2 and prior

  - Microsoft Windows Server 2008 R2 x64 Service Pack 1 and prior

  - Microsoft Windows Server 2008 x32/x64 Service Pack 2 and prior");

  script_tag(name:"solution", value:"The vendor has released updates. Please see the references for more information.");

  script_tag(name:"qod_type", value:"executable_version");

  script_xref(name:"URL", value:"https://support.microsoft.com/kb/3011443");
  script_xref(name:"URL", value:"http://www.securityfocus.com/bid/70690");
  script_xref(name:"URL", value:"http://www.securityfocus.com/bid/70952");
  script_xref(name:"URL", value:"https://support.microsoft.com/kb/3010788");
  script_xref(name:"URL", value:"https://support.microsoft.com/kb/3006226");
  script_xref(name:"URL", value:"https://technet.microsoft.com/library/security/ms14-064");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2014 Greenbone AG");
  script_family("Windows : Microsoft Bulletins");
  script_dependencies("smb_reg_service_pack.nasl");
  script_require_ports(139, 445);
  script_mandatory_keys("SMB/WindowsVersion");

  exit(0);
}

include("smb_nt.inc");
include("secpod_reg.inc");
include("version_func.inc");
include("secpod_smb_func.inc");

if(hotfix_check_sp(win2003:3, win2003x64:3, winVista:3, win7:2, win7x64:2, win2008:3,
                   win2008r2:2, win8:1, win8x64:1, win2012:1, win2012R2:1, win8_1:1,
                   win8_1x64:1) <= 0){
  exit(0);
}

sysPath = smb_get_systemroot();
if(!sysPath ){
  exit(0);
}

dllVer1 = fetch_file_version(sysPath:sysPath, file_name:"system32\Packager.dll");
dllVer2 = fetch_file_version(sysPath:sysPath, file_name:"system32\Oleaut32.dll");
if(!dllVer1 && !dllVer2){
  exit(0);
}


if(hotfix_check_sp(win2003x64:3,win2003:3) > 0 && dllVer1)
{
  if(version_is_less(version:dllVer1, test_version:"5.2.3790.5464")){
    security_message( port: 0, data: "The target host was found to be vulnerable" );
  }
  exit(0);
}

## Currently not supporting for Vista and Windows Server 2008 64 bit
if(hotfix_check_sp(winVista:3, win2008:3) > 0)
{
  if(dllVer1)
  {
    if(version_is_less(version:dllVer1, test_version:"6.0.6002.19220")||
       version_in_range(version:dllVer1, test_version:"6.0.6002.23000", test_version2:"6.0.6002.23526")){
      security_message( port: 0, data: "The target host was found to be vulnerable" );
    }
  }

  if(dllVer2)
  {
    if(version_is_less(version:dllVer2, test_version:"6.0.6002.19216")||
       version_in_range(version:dllVer2, test_version:"6.0.6002.23000", test_version2:"6.0.6002.23522")){
      security_message( port: 0, data: "The target host was found to be vulnerable" );
    }
  }
  exit(0);
}

if(hotfix_check_sp(win7:2, win7x64:2, win2008r2:2) > 0)
{
  if(dllVer1)
  {
    if(version_is_less(version:dllVer1, test_version:"6.1.7601.18645")||
       version_in_range(version:dllVer1, test_version:"6.1.7601.22000", test_version2:"6.1.7601.22852")){
      security_message( port: 0, data: "The target host was found to be vulnerable" );
    }
  }
  if(dllVer2)
  {
    if(version_is_less(version:dllVer2, test_version:"6.1.7601.18640")||
       version_in_range(version:dllVer2, test_version:"6.1.7601.22000", test_version2:"6.1.7601.22845")){
      security_message( port: 0, data: "The target host was found to be vulnerable" );
    }
  }
  exit(0);
}

if(hotfix_check_sp(win8:1, win8x64:1, win2012:1) > 0)
{
  if(dllVer1)
  {
    if(version_is_less(version:dllVer1, test_version:"6.2.9200.17160")||
       version_in_range(version:dllVer1, test_version:"6.2.9200.20000", test_version2:"6.2.9200.21277")){
      security_message( port: 0, data: "The target host was found to be vulnerable" );
    }
  }
  if(dllVer2)
  {
    if(version_is_less(version:dllVer2, test_version:"6.2.9200.17155")||
       version_in_range(version:dllVer2, test_version:"6.2.9200.20000", test_version2:"6.2.9200.21272")){
      security_message( port: 0, data: "The target host was found to be vulnerable" );
    }
  }
  exit(0);
}

## Win 8.1 and win2012R2
if(hotfix_check_sp(win8_1:1, win8_1x64:1, win2012R2:1) > 0)
{
  if((dllVer1 && version_is_less(version:dllVer1, test_version:"6.3.9600.17408")) ||
     (dllVer2 && version_is_less(version:dllVer2, test_version:"6.3.9600.17403"))){
   security_message( port: 0, data: "The target host was found to be vulnerable" );
  }
  exit(0);
}

Related

mskb 1
nessus 2
threatpost 8
checkpoint_advisories 4
zdt 10
exploitpack 5
packetstorm 15
fireeye 14
cisa_kev 2
seebug 3
securityvulns 2
symantec 2
saint 4
canvas 1
prion 2
vulnerlab 2
attackerkb 3
cve 2
cert 1
metasploit 2
cisa 2
exploitdb 4
securelist 2
thn 4
myhack58 2
malwarebytes 1
mmpc 1
kaspersky 1
mskb
mskb
MS14-064: Vulnerabilities in Windows OLE could allow remote code execution: November 11, 2014
2014-11-11 00:00:00
nessus
nessus
MS14-064: Vulnerabilities in Windows OLE Could Allow Remote Code Execution (3011443)
2014-11-11 00:00:00
MS KB3010060: Vulnerability in Microsoft OLE Could Allow Remote Code Execution (deprecated)
2014-10-22 00:00:00
threatpost
threatpost
November 2014 Microsoft Patch Tuesday Security Bulletins
2014-11-11 14:07:38
EternalBlue Exploit Spreading Gh0st RAT, Nitol
2017-06-02 14:32:11
'Dropping Elephant' APT Attackers Targets Old Windows Flaws
2016-07-08 11:04:30
checkpoint_advisories
checkpoint_advisories
Microsoft Windows OLE Obfuscated Automation Array Remote Code Execution (CVE-2014-6332)
2019-02-14 00:00:00
Microsoft Windows OLE Automation Array Remote Code Execution (MS14-064; CVE-2014-6332)
2014-11-11 00:00:00
Microsoft Windows OLE Remote Code Execution (MS14-060; CVE-2014-4114; CVE-2014-6352)
2014-10-14 00:00:00
zdt
zdt
Havij - OLE Automation Array Remote Code Execution Exploit
2015-07-01 00:00:00
MS Office 2007 and 2010 - OLE Arbitrary Command Execution Exploit
2014-11-12 00:00:00
The World Browser 3.0 Final - Remote Code Execution Exploit
2015-10-22 00:00:00
exploitpack
exploitpack
Microsoft Office 20072010 - OLE Arbitrary Command Execution
2014-11-12 00:00:00
IBM Security AppScan Standard 9.0.2 - OLE Automation Array Remote Code Execution
2015-06-01 00:00:00
Microsoft Internet Explorer 11 - OLE Automation Array Remote Code Execution (1)
2014-11-13 00:00:00
packetstorm
packetstorm
MS14-064 Microsoft Windows OLE Package Manager Code Execution
2014-11-13 00:00:00
Microsoft HTA (HTML Application) Remote Code Execution
2015-08-22 00:00:00
Microsoft Internet Explorer OLE Pre-IE11 Code Execution
2014-11-21 00:00:00
fireeye
fireeye
GongDa vs. Korean News
2016-03-18 12:30:00
Threat actors leverage EternalBlue exploit to deliver non-WannaCry payloads
2017-06-02 13:00:00
GongDa vs. Korean News
2016-03-18 08:30:00
cisa_kev
cisa_kev
Microsoft Windows Object Linking & Embedding (OLE) Automation Array Remote Code Execution Vulnerability
2022-03-25 00:00:00
Microsoft Windows Code Injection Vulnerability
2022-02-25 00:00:00
seebug
seebug
IBM Security AppScan Standard <= 9.0.2 - OLE Automation Array Remote Code Execution
2015-08-31 00:00:00
IE Godmode remote code execution vulnerability, CVE-2014-6332)
2017-03-06 00:00:00
MS Office 2007 and 2010 - OLE Arbitrary Command Execution
2014-11-13 00:00:00
securityvulns
securityvulns
Microsoft HTA &#40;HTML Application&#41; - Remote Code Execution Vulnerability &#40;MS14-064&#41;
2015-08-24 00:00:00
Microsoft Windows multiple security vulnerabilities
2015-08-24 00:00:00
symantec
symantec
Microsoft Windows CVE-2014-6332 OLE Remote Code Execution Vulnerability
2014-11-11 00:00:00
Microsoft Windows CVE-2014-6352 OLE Remote Code Execution Vulnerability
2014-10-21 00:00:00
saint
saint
Windows OLE Automation Array command execution
2014-11-17 00:00:00
Windows OLE Automation Array command execution
2014-11-17 00:00:00
Windows OLE Automation Array command execution
2014-11-17 00:00:00
canvas
canvas
Immunity Canvas: MS14_064_IE_OLEAUT32
2014-11-11 22:55:00
prion
prion
Remote code execution
2014-11-11 22:55:00
Code injection
2014-10-22 14:55:00
vulnerlab
vulnerlab
MS HTA (HTML Application) - Code Execution (MS14-064)
2015-08-15 00:00:00
MS HTA (HTML Application) - Code Execution (MS14-064)
2015-08-15 00:00:00
attackerkb
attackerkb
CVE-2014-6332
2014-11-11 00:00:00
CVE-2014-6352
2014-10-22 00:00:00
Microsoft Internet Explorer Use-After-Free Vulnerability
2014-10-15 00:00:00
cve
cve
CVE-2014-6332
2014-11-11 22:55:00
CVE-2014-6352
2014-10-22 14:55:00
cert
cert
Microsoft Windows Object Linking and Embedding (OLE) OleAut32 library SafeArrayRedim function vulnerable to remote code execution via Internet Explorer
2014-11-13 00:00:00
metasploit
metasploit
MS14-064 Microsoft Internet Explorer Windows OLE Automation Array Remote Code Execution
2014-11-24 07:25:18
MS14-064 Microsoft Windows OLE Package Manager Code Execution
2014-11-12 07:10:49
cisa
cisa
Microsoft Releases Advisory for Unpatched Windows Vulnerability
2014-10-22 00:00:00
CISA Adds Four Known Exploited Vulnerabilities to Catalog
2022-02-25 00:00:00
exploitdb
exploitdb
Microsoft Internet Explorer &lt; 11 - OLE Automation Array Remote Code Execution (Metasploit)
2014-11-13 00:00:00
Microsoft Internet Explorer 11 - OLE Automation Array Remote Code Execution (1)
2014-11-13 00:00:00
Microsoft Windows - OLE Package Manager Code Execution (MS14-064) (Metasploit)
2014-11-14 00:00:00
securelist
securelist
Delving deep into VBScript
2018-07-03 13:00:13
The King is dead. Long live the King!
2018-05-09 06:00:56
thn
thn
Microsoft PowerPoint Vulnerable to Zero-Day Attack
2014-10-22 00:54:00
CISA adds recently disclosed Zimbra bug to its Exploited Vulnerabilities Catalog
2022-03-01 04:37:00
Experts Warn of Browser Extensions Spying On Users via Cloud9 Chrome Botnet Network
2022-11-09 11:01:00
myhack58
myhack58
For a suspected CVE-2016-0189 the original attack sample debugging-vulnerability warning-the black bar safety net
2019-06-13 00:00:00
The macro perspective of the office vulnerability, 2010-2018-a vulnerability warning-the black bar safety net
2019-06-13 00:00:00
malwarebytes
malwarebytes
RIG exploit kit distributes Princess ransomware
2017-08-31 20:04:32
mmpc
mmpc
Exploit kits remain a cybercrime staple against outdated software – 2016 threat landscape review series
2017-01-23 22:37:34
kaspersky
kaspersky
KLA10601 Multiple vulnerabilities in Microsoft products
2014-11-11 00:00:00

8.9 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.974 High

EPSS

Percentile

99.9%

JSON
Related for OPENVAS:1361412562310805015
mskb1nessus2threatpost8checkpoint_advisories4zdt10exploitpack5packetstorm15fireeye14cisa_kev2seebug3securityvulns2symantec2saint4canvas1prion2vulnerlab2attackerkb3cve2cert1metasploit2cisa2exploitdb4securelist2thn4myhack582malwarebytes1mmpc1kaspersky1