Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
symantecSymantec Security ResponseSMNTC-70952
HistoryNov 11, 2014 - 12:00 a.m.

Microsoft Windows CVE-2014-6332 OLE Remote Code Execution Vulnerability

2014-11-1100:00:00
Symantec Security Response
www.symantec.com
28

0.974 High

EPSS

Percentile

99.9%

JSON

Description

Microsoft Windows is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code and gain elevated privileges in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions.

Technologies Affected

  • Avaya Aura Conferencing 6.0.0 Standard
  • Avaya CallPilot 4.0.1
  • Avaya CallPilot 5.1.0
  • Avaya Communication Server 1000 Telephony Manager 3.0.1
  • Avaya Communication Server 1000 Telephony Manager 4.0
  • Avaya Communication Server 1000 Telephony Manager 4.0.1
  • Avaya Meeting Exchange - Client Registration Server 5.0.1
  • Avaya Meeting Exchange - Client Registration Server 5.2
  • Avaya Meeting Exchange - Client Registration Server 5.2.1
  • Avaya Meeting Exchange - Client Registration Server 6.0
  • Avaya Meeting Exchange - Client Registration Server 6.2
  • Avaya Meeting Exchange - Recording Server 5.0.1
  • Avaya Meeting Exchange - Recording Server 5.2
  • Avaya Meeting Exchange - Recording Server 5.2.1
  • Avaya Meeting Exchange - Recording Server 6.0
  • Avaya Meeting Exchange - Recording Server 6.2
  • Avaya Meeting Exchange - Streaming Server 5.0.1
  • Avaya Meeting Exchange - Streaming Server 5.2
  • Avaya Meeting Exchange - Streaming Server 5.2.1
  • Avaya Meeting Exchange - Streaming Server 6.0
  • Avaya Meeting Exchange - Streaming Server 6.2
  • Avaya Meeting Exchange - Web Conferencing Server 5.0.1
  • Avaya Meeting Exchange - Web Conferencing Server 5.2
  • Avaya Meeting Exchange - Web Conferencing Server 5.2.1
  • Avaya Meeting Exchange - Web Conferencing Server 6.0
  • Avaya Meeting Exchange - Web Conferencing Server 6.2
  • Avaya Meeting Exchange - Webportal 5.0.1
  • Avaya Meeting Exchange - Webportal 5.2
  • Avaya Meeting Exchange - Webportal 5.2.1
  • Avaya Meeting Exchange - Webportal 6.0
  • Avaya Meeting Exchange - Webportal 6.2
  • Avaya Messaging Application Server 5.0.1
  • Avaya Messaging Application Server 5.2
  • Avaya Messaging Application Server 5.2.1
  • Avaya Messaging Application Server 6.2
  • Microsoft Windows 7 for 32-bit Systems SP1
  • Microsoft Windows 7 for x64-based Systems SP1
  • Microsoft Windows 8 for 32-bit Systems
  • Microsoft Windows 8 for x64-based Systems
  • Microsoft Windows 8.1 for 32-bit Systems
  • Microsoft Windows 8.1 for x64-based Systems
  • Microsoft Windows RT 8.1
  • Microsoft Windows RT
  • Microsoft Windows Server 2003 Itanium SP2
  • Microsoft Windows Server 2003 SP2
  • Microsoft Windows Server 2003 x64 Edition Service Pack 2
  • Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1
  • Microsoft Windows Server 2008 R2 for x64-based Systems SP1
  • Microsoft Windows Server 2008 for 32-bit Systems SP2
  • Microsoft Windows Server 2008 for Itanium-based Systems SP2
  • Microsoft Windows Server 2008 for x64-based Systems SP2
  • Microsoft Windows Server 2012
  • Microsoft Windows Server 2012 R2
  • Microsoft Windows Vista Service Pack 2
  • Microsoft Windows Vista x64 Edition Service Pack 2

Recommendations

Block external access at the network boundary, unless external parties require service.
If global access isn’t needed, filter access to the affected computer at the network boundary. Restricting access to only trusted computers and networks might greatly reduce the likelihood of successful exploits.

Run all software as a nonprivileged user with minimal access rights.
To reduce the impact of latent vulnerabilities, always run nonadministrative software as an unprivileged user with minimal access rights.

Deploy network intrusion detection systems to monitor network traffic for malicious activity.
Deploy NIDS to monitor network traffic for signs of anomalous or suspicious activity. This includes but is not limited to requests that include NOP sleds and unexplained incoming and outgoing traffic. This may indicate exploit attempts or activity that results from a successful exploit.

Do not accept or execute files from untrusted or unknown sources.
To reduce the likelihood of successful exploits, never handle files that originate from unfamiliar or untrusted sources.

Implement multiple redundant layers of security.
Since this issue may be leveraged to execute code, we recommend memory-protection schemes, such as nonexecutable stack/heap configurations and randomly mapped memory segments. This tactic may complicate exploits of memory-corruption vulnerabilities.

Updates are available. Please see the references or vendor advisory for more information.

Related

packetstorm 13
saint 4
fireeye 14
prion 1
zdt 8
seebug 2
vulnerlab 2
exploitpack 3
checkpoint_advisories 2
canvas 1
securityvulns 2
threatpost 6
cisa_kev 1
attackerkb 1
cve 1
metasploit 1
cert 1
exploitdb 3
openvas 1
securelist 2
nessus 1
mskb 1
thn 2
myhack58 1
mmpc 1
malwarebytes 1
kaspersky 1
packetstorm
packetstorm
Winamp Bento Browser Remote Code Execution
2015-10-26 00:00:00
IBM Security AppScan 9.0.2 Remote Code Execution
2015-06-01 00:00:00
Internet Download Manager OLE Automation Array Remote Code Execution
2015-07-21 00:00:00
saint
saint
Windows OLE Automation Array command execution
2014-11-17 00:00:00
Windows OLE Automation Array command execution
2014-11-17 00:00:00
Windows OLE Automation Array command execution
2014-11-17 00:00:00
fireeye
fireeye
GongDa vs. Korean News
2016-03-18 08:30:00
Threat actors leverage EternalBlue exploit to deliver non-WannaCry payloads
2017-06-02 13:00:00
GongDa vs. Korean News
2016-03-18 12:30:00
prion
prion
Remote code execution
2014-11-11 22:55:00
zdt
zdt
The World Browser 3.0 Final - Remote Code Execution Exploit
2015-10-22 00:00:00
Internet Explorer OLE Automation Array Remote Code Execution Exploit
2014-11-13 00:00:00
Havij - OLE Automation Array Remote Code Execution Exploit
2015-07-01 00:00:00
seebug
seebug
IE Godmode remote code execution vulnerability, CVE-2014-6332)
2017-03-06 00:00:00
IBM Security AppScan Standard <= 9.0.2 - OLE Automation Array Remote Code Execution
2015-08-31 00:00:00
vulnerlab
vulnerlab
MS HTA (HTML Application) - Code Execution (MS14-064)
2015-08-15 00:00:00
MS HTA (HTML Application) - Code Execution (MS14-064)
2015-08-15 00:00:00
exploitpack
exploitpack
Microsoft Internet Explorer 11 - OLE Automation Array Remote Code Execution (1)
2014-11-13 00:00:00
IBM Security AppScan Standard 9.0.2 - OLE Automation Array Remote Code Execution
2015-06-01 00:00:00
Microsoft Internet Explorer 11 - OLE Automation Array Remote Code Execution (Metasploit)
2014-11-13 00:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Windows OLE Automation Array Remote Code Execution (MS14-064; CVE-2014-6332)
2014-11-11 00:00:00
Microsoft Windows OLE Obfuscated Automation Array Remote Code Execution (CVE-2014-6332)
2019-02-14 00:00:00
canvas
canvas
Immunity Canvas: MS14_064_IE_OLEAUT32
2014-11-11 22:55:00
securityvulns
securityvulns
Microsoft HTA &#40;HTML Application&#41; - Remote Code Execution Vulnerability &#40;MS14-064&#41;
2015-08-24 00:00:00
Microsoft Windows multiple security vulnerabilities
2015-08-24 00:00:00
threatpost
threatpost
EternalBlue Exploit Spreading Gh0st RAT, Nitol
2017-06-02 14:32:11
Malvertising Campaign Redirects Browsers To Terror Exploit Kit
2017-10-25 08:28:31
Angler Exploit Kit, Bedep Malware Inflating Video Views
2015-05-05 08:00:41
cisa_kev
cisa_kev
Microsoft Windows Object Linking & Embedding (OLE) Automation Array Remote Code Execution Vulnerability
2022-03-25 00:00:00
attackerkb
attackerkb
CVE-2014-6332
2014-11-11 00:00:00
cve
cve
CVE-2014-6332
2014-11-11 22:55:00
metasploit
metasploit
MS14-064 Microsoft Internet Explorer Windows OLE Automation Array Remote Code Execution
2014-11-24 07:25:18
cert
cert
Microsoft Windows Object Linking and Embedding (OLE) OleAut32 library SafeArrayRedim function vulnerable to remote code execution via Internet Explorer
2014-11-13 00:00:00
exploitdb
exploitdb
IBM Security AppScan Standard 9.0.2 - OLE Automation Array Remote Code Execution
2015-06-01 00:00:00
Microsoft Internet Explorer &lt; 11 - OLE Automation Array Remote Code Execution (Metasploit)
2014-11-13 00:00:00
Microsoft Internet Explorer 11 - OLE Automation Array Remote Code Execution (1)
2014-11-13 00:00:00
openvas
openvas
Microsoft Windows OLE Object Handling Code Execution Vulnerabilities (3011443)
2014-11-12 00:00:00
securelist
securelist
Delving deep into VBScript
2018-07-03 13:00:13
The King is dead. Long live the King!
2018-05-09 06:00:56
nessus
nessus
MS14-064: Vulnerabilities in Windows OLE Could Allow Remote Code Execution (3011443)
2014-11-11 00:00:00
mskb
mskb
MS14-064: Vulnerabilities in Windows OLE could allow remote code execution: November 11, 2014
2014-11-11 00:00:00
thn
thn
Experts Warn of Browser Extensions Spying On Users via Cloud9 Chrome Botnet Network
2022-11-09 11:01:00
Researchers Share New Insights Into RIG Exploit Kit Malware's Operations
2023-02-27 15:33:00
myhack58
myhack58
For a suspected CVE-2016-0189 the original attack sample debugging-vulnerability warning-the black bar safety net
2019-06-13 00:00:00
mmpc
mmpc
Exploit kits remain a cybercrime staple against outdated software – 2016 threat landscape review series
2017-01-23 22:37:34
malwarebytes
malwarebytes
RIG exploit kit distributes Princess ransomware
2017-08-31 20:04:32
kaspersky
kaspersky
KLA10601 Multiple vulnerabilities in Microsoft products
2014-11-11 00:00:00

0.974 High

EPSS

Percentile

99.9%

JSON
Related for SMNTC-70952
packetstorm13saint4fireeye14prion1zdt8seebug2vulnerlab2exploitpack3checkpoint_advisories2canvas1securityvulns2threatpost6cisa_kev1attackerkb1cve1metasploit1cert1exploitdb3openvas1securelist2nessus1mskb1thn2myhack581mmpc1malwarebytes1kaspersky1