CVE-2014-4149
published 2014-11-11CVE-2014-4149: Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2 does not properly perform TypeFilterLevel checks, which allows remote attackers…
critical9.3CVSS 3.1
AVNACMAuNCCICAC
EXPLOIT
Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2 does not properly perform TypeFilterLevel checks, which allows remote attackers to execute arbitrary code via crafted data to a .NET Remoting endpoint, aka "TypeFilterLevel Vulnerability."
Affected
9 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | net_framework | — | — |
| microsoft | net_framework | — | — |
| microsoft | net_framework | — | — |
| microsoft | net_framework | — | — |
| microsoft | net_framework | — | — |
| microsoft | net_framework | — | — |
| microsoft | net_framework | — | — |
| microsoft | net_framework | — | — |
| qemu | qemu | >= 0 < 2.0.0+dfsg-2ubuntu1.3 | 2.0.0+dfsg-2ubuntu1.3 |
CVSS provenance
nvd9.3CRITICALAV:N/AC:M/Au:N/C:C/I:C/A:C
osv7.5HIGH