Lucene search
K

5 matches found

0day.today
0day.today
added 2020/07/27 12:0 a.m.428 views

Microsoft Windows Unsafe Handling Practices Vulnerability

This post outlines multiple unsafe practices in Microsoft Windows that can allow for local privilege escalation. This multi-part post can be read even without a MIME-compliant program! Back in 2014, I reported a vulnerability in CreateProcess's handling of .cmd and .bat files that Microsoft fixed...

6.9CVSS6.7AI score0.14736EPSS
Exploits4
Packet Storm
Packet Storm
added 2020/07/27 12:0 a.m.251 views

Microsoft Windows Unsafe Handling Practices

Hi @ll, This multi-part post can be read even without a MIME-compliant program! Back in 2014, I reported a vulnerability in CreateProcess's handling of .cmd and .bat files that Microsoft fixed with MS14-019 alias MSKB 2922229 and assigned CVE-2014-0315: command lines with a batch script as first...

6.9CVSS0.3AI score0.14736EPSS
Exploits4
Check Point Advisories
Check Point Advisories
added 2014/04/24 12:0 a.m.9 views

Microsoft Windows File Handling Component Remote Code Execution (MS14-019; CVE-2014-0315)

A remote code execution vulnerability has been reported in Microsoft Windows. The vulnerability is caused by Windows improperly restricting the path used for processing .bat and .cmd files. A remote attacker could trigger this flaw by placing a malicious executable in the working directory e.g. a...

6.9CVSS7.1AI score0.14736EPSS
Exploits4
CVE
CVE
added 2014/04/08 9:0 p.m.167 views

CVE-2014-0315

CVE-2014-0315 corresponds to the Windows File Handling vulnerability fixed by MS14-019. It is a local privilege-escalation/binary-hijacking issue caused by untrusted search path handling for .bat/.cmd files when CreateProcess() is used and the first token is CMD, which can execute a rogue cmd.exe...

6.9CVSS6.3AI score0.14736EPSS
Exploits4References3Affected Software10
Tenable Nessus
Tenable Nessus
added 2014/04/08 12:0 a.m.66 views

MS14-019: Vulnerability in Windows File Handling Component Could Allow Remote Code Execution (2922229)

The remote Windows host is potentially affected by a vulnerability in the way that Windows processes .bat and .cmd files that could allow remote code execution if a user is convinced to run a specially crafted .bat or .cmd file. When exploiting this vulnerability, an attacker could gain the same...

6.9CVSS6AI score0.14736EPSS
Exploits4References2
Rows per page
Query Builder