CVE-2014-0315
published 2014-04-08CVE-2014-0315: Untrusted search path vulnerability in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1…
PriorityP334medium6.9CVSS 2.0
AVLACMAuNCCICAC
EPSS
14.62%
96.2th percentile
Untrusted search path vulnerability in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a Trojan horse cmd.exe file in the current working directory, as demonstrated by a directory that contains a .bat or .cmd file, aka "Windows File Handling Vulnerability."
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | windows_server_2008 | — | — |
| microsoft | windows_server_2012 | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
VulDB
Microsoft Windows up to XP SP3 Batch File CreateProcess untrusted search path (MS14-019 / Nessus ID 73416)
vuldb·2026-05-10·CVSS 6.9
CVE-2014-0315 [MEDIUM] Microsoft Windows up to XP SP3 Batch File CreateProcess untrusted search path (MS14-019 / Nessus ID 73416)
A vulnerability classified as critical was found in Microsoft Windows. This issue affects the function CreateProcess of the component Batch File Handler. The manipulation results in untrusted search path.
This vulnerability is reported as CVE-2014-0315. The attack can be launched remotely. No exploit exists.
It is advisable to implement a patch to correct this issue.
GHSA
GHSA-7wq4-3v4v-vpp7: Untrusted search path vulnerability in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP
ghsa_unreviewed·2022-05-13
CVE-2014-0315 [MEDIUM] CWE-426 GHSA-7wq4-3v4v-vpp7: Untrusted search path vulnerability in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP
Untrusted search path vulnerability in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a Trojan horse cmd.exe file in the current working directory, as demonstrated by a directory that contains a .bat or .cmd file, aka "Windows File Handling Vulnerability."
No detection rules found.
No public exploits indexed.
Talos
Microsoft Update Tuesday: April 2014, two final XP and Office 2003 fixes
blogs_talos·2014-04-08·CVSS 6.9
[MEDIUM] Microsoft Update Tuesday: April 2014, two final XP and Office 2003 fixes
## Microsoft Update Tuesday: April 2014, two final XP and Office 2003 fixes
It’s the last Microsoft Update Tuesday before the end-of-life of both Windows XP and Office 2003 and Microsoft is patching two vulnerabilities that also impact XP and two that also impact Office 2003 this month. All-in-all it’s a relatively light month this time around with only four bulletins covering eleven CVEs.
The first bulletin this month, MS14-017 , deals with Word and covers three CVEs. One fix is for a 0-day vulnerability, CVE-2014-1761, that Microsoft previously addressed in advisory 2953095 and a “Fix it” that disables support for RTF completely in Word. The vulnerability results from an incorrect “listoverridecount” value in an “overridetable” structure in the RTF file.This value is not properly check
Talos
Microsoft Update Tuesday: April 2014, two final XP and Office 2003 fixes
blogs_talos·2014-04-08·CVSS 6.9
CVE-2014-1761 [MEDIUM] Microsoft Update Tuesday: April 2014, two final XP and Office 2003 fixes
It’s the last Microsoft Update Tuesday before the end-of-life of both Windows XP and Office 2003 and Microsoft is patching two vulnerabilities that also impact XP and two that also impact Office 2003 this month. All-in-all it’s a relatively light month this time around with only four bulletins covering eleven CVEs.
The first bulletin this month, MS14-017, deals with Word and covers three CVEs. One fix is for a 0-day vulnerability, CVE-2014-1761, that Microsoft previously addressed in advisory 2953095 and a “Fix it” that disables support for RTF completely in Word. The vulnerability results from an incorrect “listoverridecount” value in an “overridetable” structure in the RTF file.This value is not properly checked by Word and setting it to an invalid value causes a type confusion bug, whi
http://blogs.technet.com/b/srd/archive/2014/04/08/ms14-019-fixing-a-binary-hijacking-via-cmd-or-bat-file.aspxhttp://seclists.org/fulldisclosure/2020/Jul/33https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-019http://blogs.technet.com/b/srd/archive/2014/04/08/ms14-019-fixing-a-binary-hijacking-via-cmd-or-bat-file.aspxhttp://seclists.org/fulldisclosure/2020/Jul/33https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-019
2014-04-08
Published