5 matches found
CVE-2014-4073
CVE-2014-4073 is an Elevation of Privilege flaw in Microsoft .NET Framework related to ClickOnce and DCOM, enabling an attacker to gain privileges by processing unverified data via interactions with the ClickOnce installer or through .NET DCOM/WMI paths. Affected products include .NET Framework 2...
CVE-2014-4073
Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2 processes unverified data during interaction with the ClickOnce installer, which allows remote attackers to gain privileges via vectors involving Internet Explorer, aka ".NET ClickOnce Elevation of Privilege Vulnerability."...
More Details About CVE-2014-4073 Elevation of Privilege Vulnerability
Today Microsoft shipped MS14-057 to the .NET Framework in order to resolve an Elevation of Privilege vulnerability in the ClickOnce deployment service. While this update fixes this service, developers using Managed Distributed Component Object Model a .NET wrapped around DCOM need to take immedia...
CVE-2014-4073
creationtimestamp| type| source ---|---|--- 2014-10-14 05:00:00+00:00| seen| https://msrc.microsoft.com/blog/2014/10/more-details-about-cve-2014-4073-elevation-of-privilege-vulnerability/...
Microsoft .NET Framework ClickOnce CVE-2014-4073 Remote Privilege Escalation Vulnerability
Description Microsoft .NET Framework is prone to a remote privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges within the context of the application; this can result in the attacker gaining complete control of the affected system. Technologies Affecte...