NVD

Id
29160  
Name
CVE-2014-0257  
Description
Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, and 4.5.1 does not properly determine whether it is safe to execute a method, which allows remote attackers to execute arbitrary code via (1) a crafted web site or (2) a crafted .NET Framework application that exposes a COM server endpoint, aka "Type Traversal Vulnerability."  
Reject
 
CVSS Version
2  
CVSS Score
9.3  
Severity
High  
CVSS Base Score
9.3  
CVSS Impact Subscore
10  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:C/I:C/A:C)  
Pub Date
2017-01-19  
Published
2014-02-11  
Modified Date
2017-01-06  
Seq
2014-0257  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
154772 29160 CVE-2014-0257 http://packetstormsecurity.com/files/127246/MS14-009-.NET-Deployment-Service-IE-Sandbox-Escape.html  View
154773 29160 CVE-2014-0257 MS14-009  View
154774 29160 CVE-2014-0257 33892  View
154775 29160 CVE-2014-0257 103163  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
12491 JVNDB-2014-001366 Microsoft .NET Framework における任意のコードを実行される脆弱性 Microsoft .NET Framework は、メソッドの実行が安全であるかどうかを適切に判定しないため、任意のコードを実行される脆弱性が存在します。 CVE-2014-0257 67658 CVE-2014-0257 29160 9.3 http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-001366.html 2014-02-11 2014-02-13 View