5 matches found
Microsoft Windows Unsafe Handling Practices Vulnerability
This post outlines multiple unsafe practices in Microsoft Windows that can allow for local privilege escalation. This multi-part post can be read even without a MIME-compliant program! Back in 2014, I reported a vulnerability in CreateProcess's handling of .cmd and .bat files that Microsoft fixed...
Microsoft Windows Unsafe Handling Practices
Hi @ll, This multi-part post can be read even without a MIME-compliant program! Back in 2014, I reported a vulnerability in CreateProcess's handling of .cmd and .bat files that Microsoft fixed with MS14-019 alias MSKB 2922229 and assigned CVE-2014-0315: command lines with a batch script as first...
Microsoft Windows File Handling Component Remote Code Execution (MS14-019; CVE-2014-0315)
A remote code execution vulnerability has been reported in Microsoft Windows. The vulnerability is caused by Windows improperly restricting the path used for processing .bat and .cmd files. A remote attacker could trigger this flaw by placing a malicious executable in the working directory e.g. a...
CVE-2014-0315
CVE-2014-0315 corresponds to the Windows File Handling vulnerability fixed by MS14-019. It is a local privilege-escalation/binary-hijacking issue caused by untrusted search path handling for .bat/.cmd files when CreateProcess() is used and the first token is CMD, which can execute a rogue cmd.exe...
MS14-019: Vulnerability in Windows File Handling Component Could Allow Remote Code Execution (2922229)
The remote Windows host is potentially affected by a vulnerability in the way that Windows processes .bat and .cmd files that could allow remote code execution if a user is convinced to run a specially crafted .bat or .cmd file. When exploiting this vulnerability, an attacker could gain the same...