Lucene search
K

6 matches found

0day.today
0day.today
added 2014/06/27 12:0 a.m.65 views

MS14-009 .NET Deployment Service IE Sandbox Escape Exploit

This Metasploit module abuses a process creation policy in the Internet Explorer Sandbox which allows to escape the Enhanced Protected Mode and execute code with Medium Integrity. The problem exists in the .NET Deployment Service dfsvc.exe, which can be run as Medium Integrity Level. Further...

7.9AI score0.69801EPSS
Exploits6
Circl
Circl
added 2014/06/27 12:0 a.m.17 views

CVE-2014-0257

creationtimestamp| type| source ---|---|--- 2014-06-27 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/33892 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/local/ms14009iedfsvc.rb 2025-01-30 16:57:00+00:00| seen|...

9.3CVSS7.1AI score0.69801EPSS
Exploits6References3
Packet Storm
Packet Storm
added 2014/06/27 12:0 a.m.61 views

MS14-009 .NET Deployment Service IE Sandbox Escape

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'rex' require 'msf/core/exploit/exe' require 'msf/core/exploit/powershell' class Metasploit3 'dfsvc' = '4.0.30319.17929.17', 'mscorlib' =...

9.3CVSS0.1AI score0.69801EPSS
Exploits6
CVE
CVE
added 2014/02/12 2:0 a.m.130 views

CVE-2014-0257

CVE-2014-0257 affects multiple .NET Framework versions (1.0 SP3 to 4.5.1). The issue is a type-traversal flaw in the .NET COM interop path: the _Object.GetType method can return a COM _Type object that lets an attacker reach .NET reflection APIs and ultimately execute code (e.g., via Process.Star...

9.3CVSS7.7AI score0.69801EPSS
Exploits6References7Affected Software1
seebug.org
seebug.org
added 2014/02/12 12:0 a.m.97 views

Microsoft .NET Framework 远程权利提升漏洞(CVE-2014-0257)(MS14-009)

BUGTRAQ ID: 65417 CVECAN ID: CVE-2014-0257 .NET就是微软的用来实现XML,Web Services,SOA(面向服务的体系结构service-oriented architecture)和敏捷性的技术。.NET Framework是微软开发的软件框架,主要运行在Microsoft Windows上。 Microsoft.NET Framework内存在权限提升漏洞,可使攻击者提升其在受影响系统上的权限。 0 Microsoft .NET Framework 4.x Microsoft .NET Framework 3.x Microsoft...

9.3CVSS2.9AI score0.69801EPSS
Exploits6
Tenable Nessus
Tenable Nessus
added 2014/02/12 12:0 a.m.133 views

MS14-009: Vulnerabilities in .NET Framework Could Allow Privilege Escalation (2916607)

The remote Windows host is running a version of the Microsoft .NET Framework that is affected by multiple vulnerabilities : - An error exists related to handling stale or closed HTTP client connections that can allow denial of service attacks. CVE-2014-0253 - An error exists related to decisions...

9.3CVSS7.3AI score0.69801EPSS
Exploits9References4
Rows per page
Query Builder