Main
Vulnerability Database
Exploits
ID:1613 - Exploit for Type Traversal Vulnerability in Microsoft .NET Framework - CVE-2014-0257
ID:1613 - Exploit for Type Traversal Vulnerability in Microsoft .NET Framework - CVE-2014-0257
Published: March 18, 2020
Vulnerability identifier: #VU5046
Vulnerability risk: Medium
CVE-ID: CVE-2014-0257
CWE-ID: CWE-264
Exploitation vector: Remote access
Vulnerable software:
Microsoft .NET Framework
Microsoft .NET Framework
Link to public exploit:
Vulnerability description
The vulnerability allows a remote attacker to bypass certain security restrictions.
The weakness exists due to the failure to properly verify safety of a method for execution within Microsoft .NET Framework. A remote attacker can run a specially crafted Web site, trick the victim into visiting it and gain elevated privileges and execute arbitrary code.
Successful exploitation of the vulnerability results in arbitrary code execution on the vulnerable system.
The weakness exists due to the failure to properly verify safety of a method for execution within Microsoft .NET Framework. A remote attacker can run a specially crafted Web site, trick the victim into visiting it and gain elevated privileges and execute arbitrary code.
Successful exploitation of the vulnerability results in arbitrary code execution on the vulnerable system.
Remediation
Install update from vendor's website.