CVE-2014-0263CVE-2014-0263

Affected configuration(s):

cpe:/o:microsoft:windows_7::sp1:x64
cpe:/o:microsoft:windows_7::sp1:x86
cpe:/o:microsoft:windows_8:-:-:x64
cpe:/o:microsoft:windows_8:-:-:x86
cpe:/o:microsoft:windows_8.1:-:-:~-~-~-~x64~
cpe:/o:microsoft:windows_8.1:-:-:~-~-~-~x86~
cpe:/o:microsoft:windows_rt:-
cpe:/o:microsoft:windows_rt_8.1:-
cpe:/o:microsoft:windows_server_2008:r2:sp1:x64
cpe:/o:microsoft:windows_server_2012:-
cpe:/o:microsoft:windows_server_2012:r2:-:~-~datacenter~~~
cpe:/o:microsoft:windows_server_2012:r2:-:~-~essentials~~~
cpe:/o:microsoft:windows_server_2012:r2:-:~-~standard~~~

Date published: 2014-02-11T23:50:40.033-05:00

Date last modified: 2014-02-12T10:05:35.597-05:00

CVSS Score: 9.3

Principal attack vector: NETWORK

Complexity:  MEDIUM

Reference URL: http://technet.microsoft.com/security/bulletin/MS14-007

Summary: The Direct2D implementation in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via a large 2D geometric figure that is encountered with Internet Explorer, aka “Microsoft Graphics Component Memory Corruption Vulnerability.”

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.