CVE-2014-4064
https://notcve.org/view.php?id=CVE-2014-4064
The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 do not properly handle use of the paged kernel pool for allocation of uninitialized memory, which allows local users to obtain sensitive information about kernel addresses via a crafted application, aka "Windows Kernel Pool Allocation Vulnerability." Los controladores de modo kernel en Microsoft Windows Vista SP2, Windows Server 2008 SP2 y R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold y R2, y Windows RT Gold y 8.1 no manejan debidamente el uso del pool del kernel páginado para la reserva de memoria no inicializada, lo que permite a usuarios locales obtener información sensible acerca de las direcciones del kernel a través de una aplicación manipulada, también conocido como 'vulnerabilidad de la reserva del pool del kernel de Windows.' • http://secunia.com/advisories/60673 http://www.securityfocus.com/bid/69144 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-045 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2014-1814
https://notcve.org/view.php?id=CVE-2014-1814
The Windows Installer in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted application that invokes the repair feature for a different application, aka "Windows Installer Repair Vulnerability." Windows Installer en Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 y R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold y R2, y Windows RT Gold y 8.1 permite a usuarios locales ganar privilegios a través de una aplicación que invoca la funcionalidad de reparación para una aplicación diferente, también conocido como 'vulnerabilidad de reparación de Windows Installer.' • http://secunia.com/advisories/60674 http://www.securityfocus.com/bid/69112 http://www.securitytracker.com/id/1030719 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-049 • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2014-1767 – Microsoft Windows AFD.SYS Dangling Pointer Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2014-1767
Double free vulnerability in the Ancillary Function Driver (AFD) in afd.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted application, aka "Ancillary Function Driver Elevation of Privilege Vulnerability." Vulnerabilidad de doble liberación en Ancillary Function Driver (AFD) en afd.sys en los controladores de modo de kernel en Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold y R2 y Windows RT Gold y 8.1 permite a usuarios locales ganar privilegios a través de una aplicación manipulada, también conocido como 'vulnerabilidad de elevación de privilegios de Ancillary Function Driver.' This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of sockets. The issue lies in the failure to properly handle error conditions leading to a pointer not being reset. • https://www.exploit-db.com/exploits/39446 https://www.exploit-db.com/exploits/39525 https://github.com/ExploitCN/CVE-2014-1767-EXP-PAPER http://secunia.com/advisories/59778 http://www.securityfocus.com/bid/68394 http://www.zerodayinitiative.com/advisories/ZDI-14-220 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-040 • CWE-415: Double Free •
CVE-2014-1817
https://notcve.org/view.php?id=CVE-2014-1817
usp10.dll in Uniscribe (aka the Unicode Script Processor) in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Office 2007 SP3 and 2010 SP1 and SP2, Live Meeting 2007 Console, Lync 2010 and 2013, Lync 2010 Attendee, and Lync Basic 2013 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted EMF+ record in a font file, aka "Unicode Scripts Processor Vulnerability." usp10.dll en Uniscribe (también conocido como Unicode Script Processor) en Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 y R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold y R2, Windows RT Gold y 8.1, Office 2007 SP3 y 2010 SP1 y SP2, Live Meeting 2007 Console, Lync 2010 y 2013, Lync 2010 Attendee y Lync Basic 2013 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servico (corrupción de memoria) a través de un registro EMF+ manipulado en un archivo de fuentes, también conocido como 'Vulnerabilidad de Unicode Scripts Processor.' • http://blogs.technet.com/b/srd/archive/2014/06/10/assessing-risk-for-the-june-2014-security-updates.aspx http://secunia.com/advisories/58583 http://www.securityfocus.com/bid/67897 http://www.securitytracker.com/id/1030376 http://www.securitytracker.com/id/1030377 http://www.securitytracker.com/id/1030378 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-036 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2014-1818
https://notcve.org/view.php?id=CVE-2014-1818
GDI+ in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Office 2007 SP3 and 2010 SP1 and SP2, Live Meeting 2007 Console, Lync 2010 and 2013, Lync 2010 Attendee, and Lync Basic 2013 allows remote attackers to execute arbitrary code via a crafted EMF+ record in an image file, aka "GDI+ Image Parsing Vulnerability." GDI+ en Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 y R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold y R2, Windows RT Gold y 8.1, Office 2007 SP3 y 2010 SP1 y SP2, Live Meeting 2007 Console, Lync 2010 y 2013, Lync 2010 Attendee, y Lync Basic 2013 permite a atacantes remotos ejecutar código arbitrario a través de un registro EMF+ manipulado en un archivo de fuentes, también conocido como 'Vulnerabilidad de Análisis Sintáctico de Imágenes GDI+.' • http://blogs.technet.com/b/srd/archive/2014/06/10/assessing-risk-for-the-june-2014-security-updates.aspx http://secunia.com/advisories/58583 http://www.securityfocus.com/bid/67904 http://www.securitytracker.com/id/1030376 http://www.securitytracker.com/id/1030377 http://www.securitytracker.com/id/1030378 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-036 • CWE-20: Improper Input Validation •