Lucene search
K

19 matches found

CISA
CISA
added 2022/02/25 12:0 a.m.124 views

CISA Adds Four Known Exploited Vulnerabilities to Catalog

CISA has added four new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence that threat actors are actively exploiting the vulnerabilities listed in the table below. These types of vulnerabilities are a frequent attack vector for malicious cyber actors of all types a...

9.3CVSS1.1AI score0.89889EPSS
Exploits27References5
exploitpack
exploitpack
added 2015/01/04 4:0 p.m.66 views

Microsoft-Office-2007-and-2010---OLE-Arbitrary-Command-Execution

CVE-2014-6352 OLE Remote Code Execution Author Abhishek Lyall - abhilyallatgmaildotcom, infoataslitsecuritydotcom Advanced Hacking Trainings - http://training.aslitsecurity.com Web - http://www.aslitsecurity.com/ Blog - http://www.aslitsecurity.blogspot.com/ Tested on win7 - office 2007 and 2010...

9.3CVSS8.1AI score0.77553EPSS
Exploits11
Packet Storm
Packet Storm
added 2014/11/14 12:0 a.m.178 views

MS14-064 Microsoft Windows OLE Package Manager Code Execution Through Python

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 "MS14-064 Microsoft Windows OLE Package Manager Code Execution Through Python", 'Description' = %q This module exploits a vulnerabilit...

9.3CVSS0.3AI score0.81628EPSS
Exploits30
Exploit DB
Exploit DB
added 2014/11/14 12:0 a.m.123 views

Microsoft Windows - OLE Package Manager Code Execution (MS14-064) (Metasploit)

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 "MS14-064 Microsoft Windows OLE Package Manager Code Execution", 'Description' = %q This module exploits a vulnerability found in...

9.3CVSS8AI score0.77553EPSS
Exploits11
exploitpack
exploitpack
added 2014/11/12 12:0 a.m.30 views

Microsoft Office 20072010 - OLE Arbitrary Command Execution

Microsoft Office 20072010 - OLE Arbitrary Command Execution Full exploit: https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/35216.rar CVE-2014-6352 OLE Remote Code Execution Author Abhishek Lyall - abhilyallatgmaildotcom, infoataslitsecuritydotcom Advanced Hacking...

9.3CVSS0.5AI score0.77553EPSS
Exploits11
0day.today
0day.today
added 2014/11/12 12:0 a.m.65 views

MS Office 2007 and 2010 - OLE Arbitrary Command Execution Exploit

Microsoft Office 2007 and 2010 OLE arbitrary command execution exploit. This exploit will not give a UAC warning. No .inf file is required in this exploit. The size of the executable payload should be less than 400kb. Python 2.7 is required. Full exploit: http://www.exploit-db.com/sploits/35216.r...

9.3CVSS0.5AI score0.77553EPSS
Exploits11
Exploit DB
Exploit DB
added 2014/11/12 12:0 a.m.71 views

Microsoft Office 2007/2010 - OLE Arbitrary Command Execution

Full exploit: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/35216.rar CVE-2014-6352 OLE Remote Code Execution Author Abhishek Lyall - abhilyallatgmaildotcom, infoataslitsecuritydotcom Advanced Hacking Trainings - http://training.aslitsecurity.com Web -...

9.3CVSS7AI score0.77553EPSS
Exploits11
OpenVAS
OpenVAS
added 2014/11/12 12:0 a.m.71 views

Microsoft Windows OLE Object Handling Code Execution Vulnerabilities (3011443)

This host is missing a critical security update according to Microsoft Bulletin MS14-064. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

9.3CVSS8.1AI score0.94996EPSS
Exploits50References8
Tenable Nessus
Tenable Nessus
added 2014/11/11 12:0 a.m.221 views

MS14-064: Vulnerabilities in Windows OLE Could Allow Remote Code Execution (3011443)

The remote Windows host is affected by multiple vulnerabilities : - A remote code execution vulnerability due to Internet Explorer improperly handling access to objects in memory. A remote attacker can exploit this vulnerability by convincing a user to visit a specially crafted website in Interne...

9.3CVSS9AI score0.94996EPSS
Exploits50References3
Cvelist
Cvelist
added 2014/10/22 2:0 p.m.44 views

CVE-2014-6352

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute arbitrary code via a crafted OLE object, as exploited in the wild in October 2014 with a crafted...

7.3AI score0.77553EPSS
Exploits11References8
Vulnrichment
Vulnrichment
added 2014/10/22 2:0 p.m.10 views

CVE-2014-6352

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute arbitrary code via a crafted OLE object, as exploited in the wild in October 2014 with a crafted...

8AI score0.77553EPSS
Exploits11References8
CVE
CVE
added 2014/10/22 2:0 p.m.1061 views

CVE-2014-6352

CVE-2014-6352 is an OLE remote code execution vulnerability in Microsoft Windows where a crafted OLE object can trigger arbitrary code execution. The issue affected Windows Vista SP2, Windows 7 SP1, Windows 8/8.1, Windows Server 2008/2012 variants, and Windows RT, with public exploitation reporte...

9.3CVSS7.6AI score0.77553EPSS
In wildExploits11References9Affected Software8
ATTACKERKB
ATTACKERKB
added 2014/10/22 12:0 a.m.58 views

CVE-2014-6352

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute arbitrary code via a crafted OLE object, as exploited in the wild in October 2014 with a crafted...

9.3CVSS7.9AI score0.77553EPSS
In wildExploits11References10
CISA
CISA
added 2014/10/22 12:0 a.m.67 views

Microsoft Releases Advisory for Unpatched Windows Vulnerability

Microsoft has released a security advisory to provide recommended mitigations for an unpatched vulnerability, CVE-2014-6352 which affects all Microsoft Windows releases except Windows Server 2003. This vulnerability could allow an attacker to take control of an affected system if a user opens a...

9.3CVSS3.1AI score0.77553EPSS
Exploits11References2
VulnCheck KEV
VulnCheck KEV
added 2014/10/22 12:0 a.m.4 views

VulnCheck KEV: CVE-2014-6352

Microsoft Windows allow remote attackers to execute arbitrary code via a crafted OLE object...

9.3CVSS7.6AI score0.77553EPSS
Exploits11References1
Tenable Nessus
Tenable Nessus
added 2014/10/22 12:0 a.m.64 views

MS KB3010060: Vulnerability in Microsoft OLE Could Allow Remote Code Execution (deprecated)

The remote host is missing one of the workarounds referenced in Microsoft Security Advisory 3010060. The version of Microsoft Office installed on the remote host is affected by a remote code execution vulnerability due to a flaw in the OLE package manager. A remote attacker can exploit this...

0.8AI score0.77553EPSS
Exploits11References2
Circl
Circl
added 2014/10/20 12:0 a.m.18 views

CVE-2014-6352

creationtimestamp| type| source ---|---|--- 2014-10-20 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/35020 2014-10-28 09:39:41+00:00| seen| MISP/544f6415-0364-486b-ac0e-4fe6950d210b 2014-11-13 08:13:18+00:00| seen| MISP/54646762-aac0-4921-87b2-1c4a950d210b 2014-11-14...

9.3CVSS7.4AI score0.77553EPSS
Exploits11References11
Check Point Advisories
Check Point Advisories
added 2014/10/19 12:0 a.m.8 views

Microsoft Windows OLE Remote Code Execution (MS14-060) - ver 2 (CVE-2014-4114; CVE-2014-6352)

A remote code execution vulnerability has been reported in Microsoft Object Linking and Embedding OLE technology. This vulnerability is caused when a user downloads, or receives, and then opens a Microsoft Office file which contains specially crafted OLE objects...

9.3CVSS3.5AI score0.81628EPSS
Exploits30
Check Point Advisories
Check Point Advisories
added 2014/10/14 12:0 a.m.3 views

Microsoft Windows OLE Remote Code Execution (MS14-060; CVE-2014-4114; CVE-2014-6352)

A remote code execution vulnerability has been reported in Microsoft Object Linking and Embedding OLE technology. This vulnerability is caused when a user downloads, or receives, and then opens a Microsoft Office file which contains specially crafted OLE objects...

9.3CVSS3.5AI score0.81628EPSS
Exploits30
Rows per page
Query Builder