Test ID:	1.3.6.1.4.1.25623.1.0.903337
Category:	Windows : Microsoft Bulletins
Title:	Microsoft .NET Framework Multiple Vulnerabilities (2916607)
Summary:	This host is missing an important security update according to; Microsoft Bulletin MS14-009.
Description:	Summary: This host is missing an important security update according to Microsoft Bulletin MS14-009. Vulnerability Insight: Multiple flaws due to: - ASP.NET does not properly identify stale HTTP connections. - An error within the .NET framework when handling certain COM objects. - Additionally, some unspecified weakness exists. Vulnerability Impact: Successful exploitation could allow an attacker to bypass certain security mechanism and cause denial of service. Affected Software/OS: Microsoft .NET Framework 1.0, 1.1, 2.0, 3.0, 3.5, 3.5.1, 4.0, 4.5 and 4.5.1. Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2014-0253 BugTraq ID: 65415 http://www.securityfocus.com/bid/65415 Microsoft Security Bulletin: MS14-009 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-009 http://osvdb.org/103162 http://www.securitytracker.com/id/1029745 http://secunia.com/advisories/56793 Common Vulnerability Exposure (CVE) ID: CVE-2014-0257 BugTraq ID: 65417 http://www.securityfocus.com/bid/65417 http://www.exploit-db.com/exploits/33892 http://packetstormsecurity.com/files/127246/MS14-009-.NET-Deployment-Service-IE-Sandbox-Escape.html http://www.osvdb.org/103163 Common Vulnerability Exposure (CVE) ID: CVE-2014-0295 BugTraq ID: 65418 http://www.securityfocus.com/bid/65418 http://www.greyhathacker.net/?p=585 http://osvdb.org/103164
Copyright	Copyright (C) 2014 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.