CVSS: 7.6EPSS: 6%CPEs: 11EXPL: 0CVE-2014-2781 – Microsoft On-Screen Keyboard Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2014-2781
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 do not properly restrict the exchange of keyboard and mouse data between programs at different integrity levels, which allows attackers to bypass intended access restrictions by leveraging control over a low-integrity process to launch the On-Screen Keyboard (OSK) and then upload a crafted application, aka "On-Screen Keyboard Elevation of Privilege Vulnerability." Microsoft Windows Vista SP2, Windows Server 2008 SP2 y R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold y R2 y Windows RT Gold y 8.1 no restringen debidamente el intercambio de datos del teclado y del ratón entre programas con diferentes niveles de integridad, lo que permite a atacantes remotos evadir las restricciones de acceso mediante el aprovechamiento del control sobre un proceso de baja integridad para lanzar el On-Screen Keyboard (OSK) y posteriormente subir una aplicación manipulada, también conocido como 'vulnerabilidad de elevación de privilegios de On-Screen Keyboard.' This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the On-Screen Keyboard. The issue lies in the ability to send input to the On-Screen Keyboard from a low integrity process. • http://www.securityfocus.com/bid/68397 http://www.securitytracker.com/id/1030535 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-039 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.3EPSS: 70%CPEs: 10EXPL: 0CVE-2014-1824
https://notcve.org/view.php?id=CVE-2014-1824
Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via a crafted Journal (aka .JNT) file, aka "Windows Journal Remote Code Execution Vulnerability." Windows Journal en Microsoft Windows Vista SP2, Windows Server 2008 SP2 y R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold y R2, y Windows RT Gold y 8.1 permite a atacantes remotos ejecutar código arbitrario a través de un fichero Journal manipulado (también conocido como .JNT), también conocido como 'vulnerabilidad de ejecución de código remoto de Windows Journal.' • http://secunia.com/advisories/59776 http://www.securityfocus.com/bid/68396 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-038 https://support.microsoft.com/kb/2971850 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.2EPSS: 0%CPEs: 11EXPL: 3CVE-2014-1767 – Microsoft Windows AFD.SYS Dangling Pointer Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2014-1767
Double free vulnerability in the Ancillary Function Driver (AFD) in afd.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted application, aka "Ancillary Function Driver Elevation of Privilege Vulnerability." Vulnerabilidad de doble liberación en Ancillary Function Driver (AFD) en afd.sys en los controladores de modo de kernel en Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold y R2 y Windows RT Gold y 8.1 permite a usuarios locales ganar privilegios a través de una aplicación manipulada, también conocido como 'vulnerabilidad de elevación de privilegios de Ancillary Function Driver.' This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of sockets. The issue lies in the failure to properly handle error conditions leading to a pointer not being reset. • https://www.exploit-db.com/exploits/39446 https://www.exploit-db.com/exploits/39525 https://github.com/ExploitCN/CVE-2014-1767-EXP-PAPER http://secunia.com/advisories/59778 http://www.securityfocus.com/bid/68394 http://www.zerodayinitiative.com/advisories/ZDI-14-220 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-040 • CWE-415: Double Free •
CVSS: 9.3EPSS: 20%CPEs: 12EXPL: 0CVE-2014-1817
https://notcve.org/view.php?id=CVE-2014-1817
usp10.dll in Uniscribe (aka the Unicode Script Processor) in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Office 2007 SP3 and 2010 SP1 and SP2, Live Meeting 2007 Console, Lync 2010 and 2013, Lync 2010 Attendee, and Lync Basic 2013 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted EMF+ record in a font file, aka "Unicode Scripts Processor Vulnerability." usp10.dll en Uniscribe (también conocido como Unicode Script Processor) en Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 y R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold y R2, Windows RT Gold y 8.1, Office 2007 SP3 y 2010 SP1 y SP2, Live Meeting 2007 Console, Lync 2010 y 2013, Lync 2010 Attendee y Lync Basic 2013 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servico (corrupción de memoria) a través de un registro EMF+ manipulado en un archivo de fuentes, también conocido como 'Vulnerabilidad de Unicode Scripts Processor.' • http://blogs.technet.com/b/srd/archive/2014/06/10/assessing-risk-for-the-june-2014-security-updates.aspx http://secunia.com/advisories/58583 http://www.securityfocus.com/bid/67897 http://www.securitytracker.com/id/1030376 http://www.securitytracker.com/id/1030377 http://www.securitytracker.com/id/1030378 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-036 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.0EPSS: 1%CPEs: 11EXPL: 0CVE-2014-1811
https://notcve.org/view.php?id=CVE-2014-1811
The TCP implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to cause a denial of service (non-paged pool memory consumption and system hang) via malformed data in the Options field of a TCP header, aka "TCP Denial of Service Vulnerability." La implementación TCP en Microsoft Windows Vista SP2, Windows Server 2008 SP2 y R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold y R2 y Windows RT Gold y 8.1 permite a atacantes remotos causar una denegación de servicio (consumo de memoria pool no paginada y cuelgue de sistema) a través de datos malformados en el campo Options de una cabecera TCP, también conocido como 'Vulnerabilidad de Denegación de Servicio TCP.' • http://blogs.technet.com/b/srd/archive/2014/06/10/assessing-risk-for-the-june-2014-security-updates.aspx http://secunia.com/advisories/58525 http://www.securityfocus.com/bid/67888 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-031 • CWE-399: Resource Management Errors •