CVE-2014-4122CVE-2014-4122

Affected configuration(s):

cpe:/a:microsoft:.net_framework:2.0:sp2
cpe:/a:microsoft:.net_framework:3.5
cpe:/a:microsoft:.net_framework:3.5.1

Date published: 2014-10-15T06:55:07.990-04:00

Date last modified: 2015-10-30T13:28:02.837-04:00

CVSS Score: 4.3

Principal attack vector: NETWORK

Complexity:  MEDIUM

Reference URL: http://technet.microsoft.com/security/bulletin/MS14-057

Summary: Microsoft .NET Framework 2.0 SP2, 3.5, and 3.5.1 omits the ASLR protection mechanism, which allows remote attackers to obtain potentially sensitive information about memory addresses by leveraging the predictability of an executable image’s location, aka “.NET ASLR Vulnerability.”

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.