CVE-2014-4073 — Microsoft NET Framework vulnerability
Severity
10.0CRITICALNVD
EPSS
30.1%
top 3.32%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedOct 15
Latest updateMay 14
Description
Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2 processes unverified data during interaction with the ClickOnce installer, which allows remote attackers to gain privileges via vectors involving Internet Explorer, aka ".NET ClickOnce Elevation of Privilege Vulnerability."
CVSS vector
AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0
Affected Packages1 packages
🔴Vulnerability Details
3💥Exploits & PoCs
1Exploit-DB
▶