CVE-2014-1807
published 2014-05-14CVE-2014-1807: The ShellExecute API in Windows Shell in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8…
PriorityP273high7.2CVSS 2.0
AVLACLAuNCCICAC
ITWVulnCheck KEV
Exploited in the wild
EPSS
1.77%
75.3th percentile
The ShellExecute API in Windows Shell in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly implement file associations, which allows local users to gain privileges via a crafted application, as exploited in the wild in May 2014, aka "Windows Shell File Association Vulnerability."
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | windows_server_2008 | — | — |
| microsoft | windows_server_2012 | — | — |
CVSS provenance
nvdv2.07.2HIGHAV:L/AC:L/Au:N/C:C/I:C/A:C
vulncheck7.2HIGH
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-cr6g-jxw7-2xjq: The ShellExecute API in Windows Shell in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Wind
ghsa_unreviewed·2022-05-14
CVE-2014-1807 [HIGH] GHSA-cr6g-jxw7-2xjq: The ShellExecute API in Windows Shell in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Wind
The ShellExecute API in Windows Shell in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly implement file associations, which allows local users to gain privileges via a crafted application, as exploited in the wild in May 2014, aka "Windows Shell File Association Vulnerability."
VulnCheck
Windows Shell File Association Vulnerability
vulncheck·2014·CVSS 7.2
CVE-2014-1807 [HIGH] Windows Shell File Association Vulnerability
Windows Shell File Association Vulnerability
The ShellExecute API in Windows Shell in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly implement file associations, which allows local users to gain privileges via a crafted application, as exploited in the wild in May 2014, aka "Windows Shell File Association Vulnerability."
Affected: Microsoft Windows
Required Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Exploitation References: https://learn.microsoft.com/en-us/security-updates/SecurityBulletins/2014/ms14-027; https://www.cve.org
No detection rules found.
No public exploits indexed.
Talos
Microsoft Update Tuesday May 2014: relatively light month
blogs_talos·2014-05-13·CVSS 4.3
[MEDIUM] Microsoft Update Tuesday May 2014: relatively light month
## Microsoft Update Tuesday May 2014: relatively light month
It’s time for another Microsoft Update Tuesday , the first one which will not feature any XP updates (except of course for the out-of-band patch ( MS14-021 ) which was released to deal with the IE 0-day which is officially part of this release, but which we won't be discussing here, more on that can be found here and here ). It’s a pretty straightforward month this time around, with eight bulletins covering 13 CVEs.
The numbering is a little off this month, usually the critical bulletins came first, but it seems that Microsoft hasn't done that this time around. We’ll list the critical bulletins first, followed by the important ones.
There’s two critical bulletins and six important bulletins this month:
The first critical bull
Talos
Microsoft Update Tuesday May 2014: relatively light month
blogs_talos·2014-05-13·CVSS 4.3
[MEDIUM] Microsoft Update Tuesday May 2014: relatively light month
It’s time for another Microsoft Update Tuesday, the first one which will not feature any XP updates (except of course for the out-of-band patch (MS14-021) which was released to deal with the IE 0-day which is officially part of this release, but which we won't be discussing here, more on that can be found here and here). It’s a pretty straightforward month this time around, with eight bulletins covering 13 CVEs.
The numbering is a little off this month, usually the critical bulletins came first, but it seems that Microsoft hasn't done that this time around. We’ll list the critical bulletins first, followed by the important ones.
There’s two critical bulletins and six important bulletins this month:
The first critical bulletin is MS14-022 and covers three CVEs in Sharepoint. Two of them
2014-05-14
Published
Exploited in the wild