QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2014-0295

Back to search

CVE-2014-0295

Published: Feb 12, 2014

Modified: Aug 6, 2024

PUBLISHED

Description

VsaVb7rt.dll in Microsoft .NET Framework 2.0 SP2 and 3.5.1 does not implement the ASLR protection mechanism, which makes it easier for remote attackers to execute arbitrary code via a crafted web site, as exploited in the wild in February 2014, aka "VSAVB7RT ASLR Vulnerability."

VendorProductVersions

n/a

n/a

affected
n/a

References

1029745
vdb-entry
x_refsource_SECTRACK
103164
vdb-entry
x_refsource_OSVDB
65418
vdb-entry
x_refsource_BID
56793
third-party-advisory
x_refsource_SECUNIA
MS14-009
vendor-advisory
x_refsource_MS

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now